[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Dec 16 12:50:18 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c230134 by Moritz Muehlenhoff at 2022-12-16T13:49:51+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,21 +39,21 @@ CVE-2022-4529
 CVE-2022-4528
 	RESERVED
 CVE-2022-4527 (A vulnerability was found in collective.task up to 3.0.9. It has been  ...)
-	TODO: check
+	NOT-FOR-US: collective.task
 CVE-2022-4526 (A vulnerability was found in django-photologue up to 3.15.1 and classi ...)
-	TODO: check
+	NOT-FOR-US: django-photologue
 CVE-2022-4525 (A vulnerability has been found in National Sleep Research Resource sle ...)
-	TODO: check
+	NOT-FOR-US: National Sleep Research Resource
 CVE-2022-4524 (A vulnerability, which was classified as problematic, was found in Roo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4523 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Virtual Exim 2
 CVE-2022-4522 (A vulnerability classified as problematic was found in CalendarXP up t ...)
-	TODO: check
+	NOT-FOR-US: CalenderXP
 CVE-2022-4521 (A vulnerability classified as problematic has been found in WSO2 carbo ...)
-	TODO: check
+	NOT-FOR-US: WSO carbon-registry
 CVE-2022-4520 (A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has ...)
-	TODO: check
+	NOT-FOR-US: WSO carbon-registry
 CVE-2022-4519 (The WP User plugin for WordPress is vulnerable to Stored Cross-Site Sc ...)
 	NOT-FOR-US: WP User plugin for WordPress
 CVE-2022-4518
@@ -198,13 +198,13 @@ CVE-2022-4516
 CVE-2022-4515
 	RESERVED
 CVE-2022-4514 (A vulnerability, which was classified as problematic, was found in Ope ...)
-	TODO: check
+	NOT-FOR-US: OpenCaching oc-server3
 CVE-2022-4513 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: European Environment Agency eionet.contreg
 CVE-2022-4512
 	RESERVED
 CVE-2022-4511 (A vulnerability has been found in RainyGao DocSys and classified as cr ...)
-	TODO: check
+	NOT-FOR-US: RainyGao DocSys
 CVE-2022-4510
 	RESERVED
 CVE-2022-4509
@@ -214,7 +214,7 @@ CVE-2022-43494
 CVE-2022-38469
 	RESERVED
 CVE-2021-4245 (A vulnerability classified as problematic has been found in chbrown rf ...)
-	TODO: check
+	NOT-FOR-US: rfc6902
 CVE-2022-47449
 	RESERVED
 CVE-2022-47448
@@ -2458,33 +2458,33 @@ CVE-2022-46704
 CVE-2022-46703
 	RESERVED
 CVE-2022-46702 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46701 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46700 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46699 (A memory corruption issue was addressed with improved state management ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46698 (A logic issue was addressed with improved checks. This issue is fixed  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46697 (An out-of-bounds access issue was addressed with improved bounds check ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46696 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46695 (A spoofing issue existed in the handling of URLs. This issue was addre ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46694 (An out-of-bounds write issue was addressed with improved input validat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46693 (An out-of-bounds write issue was addressed with improved input validat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46692 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46691 (A memory consumption issue was addressed with improved memory handling ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46690 (An out-of-bounds write issue was addressed with improved input validat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46689 (A race condition was addressed with additional validation. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2022-46688 (A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Ger ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2022-46687 (Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build d ...)
@@ -4626,7 +4626,7 @@ CVE-2022-45971
 CVE-2022-45970 (Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulle ...)
 	NOT-FOR-US: Alist
 CVE-2022-45969 (Alist v3.4.0 is vulnerable to Directory Traversal, ...)
-	TODO: check
+	NOT-FOR-US: Alist
 CVE-2022-45968 (Alist v3.4.0 is vulnerable to File Upload. A user with only file uploa ...)
 	NOT-FOR-US: Alist
 CVE-2022-45967
@@ -6601,7 +6601,7 @@ CVE-2022-45340
 CVE-2022-45339
 	RESERVED
 CVE-2022-45338 (An arbitrary file upload vulnerability in the profile picture upload f ...)
-	TODO: check
+	NOT-FOR-US: Exact Synergy Enterprise
 CVE-2022-45337 (Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow  ...)
 	NOT-FOR-US: Tenda
 CVE-2022-45336
@@ -7562,9 +7562,9 @@ CVE-2022-45028 (A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.
 CVE-2022-45027
 	RESERVED
 CVE-2022-45026 (An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode an ...)
-	TODO: check
+	NOT-FOR-US: Markdown Preview Enhanced
 CVE-2022-45025 (Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was d ...)
-	TODO: check
+	NOT-FOR-US: Markdown Preview Enhanced
 CVE-2022-45024
 	RESERVED
 CVE-2022-45023
@@ -9431,7 +9431,7 @@ CVE-2022-44645
 CVE-2022-44644
 	RESERVED
 CVE-2022-3853 (Cross-site Scripting (XSS) is a client-side code injection attack. The ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3852 (The VR Calendar plugin for WordPress is vulnerable to Cross-Site Reque ...)
 	NOT-FOR-US: VR Calendar plugin for WordPress
 CVE-2022-3851



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c230134d8c1257561d2c549de0da96be225d817

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c230134d8c1257561d2c549de0da96be225d817
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221216/1a6b57b8/attachment.htm>

More information about the debian-security-tracker-commits mailing list