[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Dec 22 13:14:08 GMT 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a4680853 by Moritz Muehlenhoff at 2022-12-22T14:13:48+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,25 +13,25 @@ CVE-2022-4645
 CVE-2022-4644 (Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. ...)
 	- rdiffweb <itp> (bug #969974)
 CVE-2022-4643 (A vulnerability was found in docconv up to 1.3.4. It has been declared ...)
-	TODO: check
+	NOT-FOR-US: docconv
 CVE-2022-4642 (A vulnerability was found in tatoeba2. It has been classified as probl ...)
-	TODO: check
+	NOT-FOR-US: Tatoeba
 CVE-2022-4641 (A vulnerability was found in pig-vector and classified as problematic. ...)
-	TODO: check
+	NOT-FOR-US: pig-vector
 CVE-2022-4640 (A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified a ...)
 	NOT-FOR-US: Mingsoft MCMS
 CVE-2022-4639 (A vulnerability, which was classified as critical, has been found in s ...)
 	TODO: check
 CVE-2022-4638 (A vulnerability classified as problematic was found in collective.cont ...)
-	TODO: check
+	NOT-FOR-US: collective.contact.widget
 CVE-2022-4637 (A vulnerability classified as problematic has been found in ep3-bs 1.8 ...)
-	TODO: check
+	NOT-FOR-US: ep3-bs
 CVE-2022-4636
 	RESERVED
 CVE-2022-4635
 	RESERVED
 CVE-2021-4275 (A vulnerability, which was classified as problematic, was found in kat ...)
-	TODO: check
+	NOT-FOR-US: pyambic-pentameter
 CVE-2023-22388
 	RESERVED
 CVE-2023-22387
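Review bot: CVE-2022-4639 is left at "TODO: check" in the middle of this run, although every other described entry from CVE-2022-4643 down to CVE-2022-4637 is resolved. It is also the only description here that reads "classified as critical". If it was skipped on purpose because it may map to a packaged source, that is fine. Otherwise it is easy to overlook once the surrounding TODOs are gone, so either resolve it in the same pass or say in the commit message that it is still open.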
@@ -79,15 +79,15 @@ CVE-2022-46658
 CVE-2022-4634
 	RESERVED
 CVE-2022-4633 (A vulnerability was found in Auto Upload Images 3.3.1 and classified a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4632 (A vulnerability has been found in Auto Upload Images 3.3.1 and classif ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4631 (A vulnerability, which was classified as problematic, was found in WP- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-46300
 	RESERVED
 CVE-2022-4630 (Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal ...)
-	TODO: check
+	NOT-FOR-US: daloRADIUS
 CVE-2022-4629
 	RESERVED
 CVE-2022-46286
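Review bot: the three "NOT-FOR-US: WordPress plugin" tags on CVE-2022-4633, CVE-2022-4632 and CVE-2022-4631 do not name the plugin, so a later search of the list for the product will not find them. An entry further down in this same file uses the fuller form "NOT-FOR-US: TeraWallet plugin for WordPress". Suggest the same pattern here, e.g. "NOT-FOR-US: Auto Upload Images plugin for WordPress" for the first two. The third needs the full plugin name from the CVE record, since the description visible here is cut off after "WP-".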
@@ -127,13 +127,13 @@ CVE-2022-41696
 CVE-2022-40633
 	RESERVED
 CVE-2021-4274 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: bird-lg
 CVE-2021-4273 (A vulnerability classified as problematic was found in studygolang. Th ...)
-	TODO: check
+	NOT-FOR-US: studygolang
 CVE-2021-4272 (A vulnerability classified as problematic has been found in studygolan ...)
-	TODO: check
+	NOT-FOR-US: studygolang
 CVE-2021-4271 (A vulnerability was found in panicsteve w2wiki. It has been rated as p ...)
-	TODO: check
+	NOT-FOR-US: panicsteve w2wiki
 CVE-2021-4270 (A vulnerability was found in Imprint CMS. It has been classified as pr ...)
 	NOT-FOR-US: Imprint CMS
 CVE-2021-4269 (A vulnerability has been found in SimpleRisk and classified as problem ...)
@@ -143,21 +143,21 @@ CVE-2021-4268 (A vulnerability, which was classified as problematic, was found i
 CVE-2021-4267 (A vulnerability classified as problematic was found in tad_discuss. Af ...)
 	NOT-FOR-US: tad_discuss
 CVE-2021-4266 (A vulnerability classified as problematic has been found in Webdetails ...)
-	TODO: check
+	NOT-FOR-US: Webdetails cpf
 CVE-2021-4265 (A vulnerability was found in siwapp-ror. It has been rated as problema ...)
-	TODO: check
+	NOT-FOR-US: siwapp-ror
 CVE-2021-4264 (A vulnerability was found in LinkedIn dustjs 3.0.0 and classified as p ...)
-	TODO: check
+	NOT-FOR-US: dustjs
 CVE-2021-4263 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: leanote
 CVE-2020-36623 (A vulnerability was found in Pengu. It has been declared as problemati ...)
-	TODO: check
+	NOT-FOR-US: Pengu
 CVE-2020-36622 (A vulnerability was found in sah-comp bienlein and classified as probl ...)
-	TODO: check
+	NOT-FOR-US: sah-comp bienlein
 CVE-2020-36621 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: chedabob whatismyudid
 CVE-2020-36620 (A vulnerability was found in Brondahl EnumStringValues 4.0.1. It has b ...)
-	TODO: check
+	NOT-FOR-US: Brondahl EnumStringValues
 CVE-2023-22381
 	RESERVED
 CVE-2023-22380
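Review bot: the product naming in this hunk is inconsistent. CVE-2021-4264 is tagged "NOT-FOR-US: dustjs" although its description says "LinkedIn dustjs 3.0.0", while "sah-comp bienlein", "chedabob whatismyudid" and "Brondahl EnumStringValues" keep the owner prefix. Using one form throughout ("LinkedIn dustjs") lets future CVEs against the same project be matched to the existing tag. As dustjs is a library rather than a standalone application, was it checked that no packaged source embeds a copy before marking it NFU?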
@@ -4760,7 +4760,7 @@ CVE-2022-45112
 CVE-2022-44607
 	RESERVED
 CVE-2022-44449 (Stored cross-site scripting vulnerability in Zenphoto versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Zenphoto
 CVE-2022-43502
 	RESERVED
 CVE-2022-43498
@@ -4819,7 +4819,7 @@ CVE-2022-46665
 CVE-2022-46664 (A vulnerability has been identified in Mendix Workflow Commons (All ve ...)
 	NOT-FOR-US: Siemens
 CVE-2022-46662 (Roxio Creator LJB starts another program with an unquoted file path. S ...)
-	TODO: check
+	NOT-FOR-US: Roxio
 CVE-2022-4310
 	RESERVED
 CVE-2022-4309
@@ -4873,7 +4873,7 @@ CVE-2022-46298
 CVE-2022-46283
 	RESERVED
 CVE-2022-46282 (Use after free vulnerability in CX-Drive V3.00 and earlier allows a lo ...)
-	TODO: check
+	NOT-FOR-US: CX-Drive
 CVE-2022-45469
 	RESERVED
 CVE-2022-43666
@@ -5935,7 +5935,7 @@ CVE-2022-46336
 CVE-2022-46335
 	RESERVED
 CVE-2022-46334 (Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability wh ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint
 CVE-2022-46333 (The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) ...)
 	NOT-FOR-US: Proofpoint
 CVE-2022-46332 (The Admin Smart Search feature in Proofpoint Enterprise Protection (PP ...)
@@ -6616,9 +6616,9 @@ CVE-2022-46098
 CVE-2022-46097
 	RESERVED
 CVE-2022-46096 (A Cross site scripting (XSS) vulnerability in Sourcecodester Online Co ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester
 CVE-2022-46095 (Sourcecodester Covid-19 Directory on Vaccination System 1.0 was discov ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester
 CVE-2022-46094
 	RESERVED
 CVE-2022-46093
@@ -8373,11 +8373,11 @@ CVE-2022-45423
 CVE-2022-45422 (When LG SmartShare is installed, local privilege escalation is possibl ...)
 	NOT-FOR-US: LG
 CVE-2022-45122 (Cross-site scripting vulnerability in Movable Type Movable Type 7 r.53 ...)
-	TODO: check
+	- movabletype-opensource <removed>
 CVE-2022-45113 (Improper validation of syntactic correctness of input vulnerability ex ...)
-	TODO: check
+	- movabletype-opensource <removed>
 CVE-2022-43660 (Improper neutralization of Server-Side Includes (SSW) within a web pag ...)
-	TODO: check
+	- movabletype-opensource <removed>
 CVE-2022-3995 (The TeraWallet plugin for WordPress is vulnerable to Insecure Direct O ...)
 	NOT-FOR-US: TeraWallet plugin for WordPress
 CVE-2022-3994
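Review bot: the three "- movabletype-opensource <removed>" lines carry no reference, and for CVE-2022-45113 and CVE-2022-43660 the visible description is cut off before any product name, so the mapping to this source package cannot be confirmed from the entry itself. Suggest adding a NOTE: line with the upstream advisory URL under each, so that the affected version range is on record if the package still has to be assessed for an older suite.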



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a468085336980f2f701153f0669b651fb01dcbd1
