[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Thu Apr 21 09:36:14 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b5f6b420 by Neil Williams at 2022-04-21T09:35:54+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1186,7 +1186,7 @@ CVE-2022-1332 (One of the API in Mattermost version 6.4.1 and earlier fails to p
CVE-2022-1331
RESERVED
CVE-2022-1330 (stored xss due to unsantized anchor url in GitHub repository alvarotri ...)
- TODO: check
+ NOT-FOR-US: fullpage.js
CVE-2022-1329 (The Elementor Website Builder plugin for WordPress is vulnerable to un ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1328 (Buffer Overflow in uudecoder in Mutt affecting all versions starting f ...)
@@ -9957,7 +9957,7 @@ CVE-2022-24373
CVE-2022-24298
RESERVED
CVE-2022-24279 (The package madlib-object-utils before 0.1.8 are vulnerable to Prototy ...)
- TODO: check
+ NOT-FOR-US: madlib-object-utils
CVE-2022-24278
RESERVED
CVE-2022-24068
@@ -9987,7 +9987,7 @@ CVE-2022-21811
CVE-2022-21810
RESERVED
CVE-2022-21803 (This affects the package nconf before 0.11.4. When using the memory en ...)
- TODO: check
+ NOT-FOR-US: node nconf
CVE-2022-21802
RESERVED
CVE-2022-21797
@@ -12921,7 +12921,7 @@ CVE-2022-24817
CVE-2022-24816 (JAI-EXT is an open-source project which aims to extend the Java Advanc ...)
TODO: check
CVE-2022-24815 (JHipster is a development platform to quickly generate, develop, & ...)
- TODO: check
+ NOT-FOR-US: JHipster
CVE-2022-24814 (Directus is a real-time API and App dashboard for managing SQL databas ...)
NOT-FOR-US: Directus
CVE-2022-24813 (CreateWiki is Miraheze's MediaWiki extension for requesting & crea ...)
@@ -12960,7 +12960,7 @@ CVE-2022-24801 (Twisted is an event-based framework for internet applications, s
CVE-2022-24800
RESERVED
CVE-2022-24799 (wire-webapp is the web application interface for the wire messaging se ...)
- TODO: check
+ NOT-FOR-US: wire-webapp
CVE-2022-24798 (Internet Routing Registry daemon version 4 is an IRR database server, ...)
NOT-FOR-US: Internet Routing Registry daemon (iird)
CVE-2022-24797 (Pomerium is an identity-aware access proxy. In distributed service mod ...)
@@ -26482,7 +26482,7 @@ CVE-2022-21832
CVE-2022-21831
RESERVED
CVE-2022-21830 (A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat.Livechat
CVE-2022-21829
RESERVED
CVE-2022-21828 (A user with high privilege access to the Incapptic Connect web console ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f6b42003332e7372ff2343a7e3cab12b27456e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f6b42003332e7372ff2343a7e3cab12b27456e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220421/468014fb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list