[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Wed Apr 20 14:18:45 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0dd1759c by Neil Williams at 2022-04-20T14:18:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11559,7 +11559,7 @@ CVE-2022-0646 (A flaw use after free in the Linux kernel Management Component Tr
- linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au/T/
CVE-2022-0645 (Open redirect vulnerability via endpoint authorize_and_redirect/?redir ...)
- TODO: check
+ NOT-FOR-US: posthog
CVE-2022-0644 [vfs: check fd has read access in kernel_read_file_from_fd()]
RESERVED
{DSA-5096-1 DLA-2941-1}
@@ -21704,7 +21704,7 @@ CVE-2021-46124
CVE-2021-46123
RESERVED
CVE-2021-46122 (Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 ...)
- TODO: check
+ NOT-FOR-US: Tp-Link TL-WR840N
CVE-2021-46121
RESERVED
CVE-2021-46120
@@ -24984,9 +24984,9 @@ CVE-2021-45230 (In Apache Airflow prior to 2.2.0. This CVE applies to a specific
CVE-2021-45229 (It was discovered that the "Trigger DAG with config" screen was suscep ...)
- airflow <itp> (bug #819700)
CVE-2021-45228 (An XSS issue was discovered in COINS Construction Cloud 11.12. Due to ...)
- TODO: check
+ NOT-FOR-US: COINS Construction Cloud
CVE-2021-45227 (An issue was discovered in COINS Construction Cloud 11.12. Due to an i ...)
- TODO: check
+ NOT-FOR-US: COINS Construction Cloud
CVE-2021-45226 (An issue was discovered in COINS Construction Cloud 11.12. Due to impr ...)
NOT-FOR-US: COINS Construction Cloud
CVE-2021-45225 (An issue was discovered in COINS Construction Cloud 11.12. Due to impr ...)
@@ -31177,7 +31177,7 @@ CVE-2021-43635 (A Cross Site Scripting (XSS) vulnerability exists in Codex befor
CVE-2021-43634
RESERVED
CVE-2021-43633 (Sourcecodester Messaging Web Application 1.0 is vulnerable to stored X ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Messaging Web
CVE-2021-43632
RESERVED
CVE-2021-43631 (Projectworlds Hospital Management System v1.0 is vulnerable to SQL inj ...)
@@ -32238,15 +32238,15 @@ CVE-2021-43292
CVE-2021-43291
RESERVED
CVE-2021-43290 (An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacke ...)
- TODO: check
+ NOT-FOR-US: ThoughtWorks GoCD
CVE-2021-43289 (An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacke ...)
- TODO: check
+ NOT-FOR-US: ThoughtWorks GoCD
CVE-2021-43288 (An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacke ...)
- TODO: check
+ NOT-FOR-US: ThoughtWorks GoCD
CVE-2021-43287 (An issue was discovered in ThoughtWorks GoCD before 21.3.0. The busine ...)
- TODO: check
+ NOT-FOR-US: ThoughtWorks GoCD
CVE-2021-43286 (An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacke ...)
- TODO: check
+ NOT-FOR-US: ThoughtWorks GoCD
CVE-2021-43285
RESERVED
CVE-2021-43284 (An issue was discovered on Victure WR1200 devices through 1.0.3. The r ...)
@@ -32302,7 +32302,7 @@ CVE-2021-43259
CVE-2021-43258
RESERVED
CVE-2021-43257 (Lack of Neutralization of Formula Elements in the CSV API of MantisBT ...)
- TODO: check
+ - mantis <removed>
CVE-2021-3923
RESERVED
CVE-2021-3922
@@ -33558,7 +33558,9 @@ CVE-2021-43156 (In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability
CVE-2021-43155 (Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injecti ...)
NOT-FOR-US: ProjectWorlds Online Book Store PHP
CVE-2021-43154 (Cross Site Scripting (XSS) vulnerability exists in CMS Made Simple 2.2 ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
+ NOTE: CVE ref is a 404
+ NOTE: https://vuldb.com/?id.197294
CVE-2021-43153
RESERVED
CVE-2021-43152
@@ -33611,7 +33613,7 @@ CVE-2021-43131
CVE-2021-43130 (An SQL Injection vulnerability exists in Sourcecodester Customer Relat ...)
NOT-FOR-US: Sourcecodester
CVE-2021-43129 (An Access Control vulnerability exists in Desire2Learn/D2L Learning Ma ...)
- TODO: check
+ NOT-FOR-US: D2L Brightspace LMS
CVE-2021-43128
RESERVED
CVE-2021-43127
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dd1759cc6b96f62c2bf70062b30f1c3384b444b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dd1759cc6b96f62c2bf70062b30f1c3384b444b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220420/e7303f43/attachment.htm>
More information about the debian-security-tracker-commits
mailing list