[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 16 05:51:27 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d4ef1b1 by Salvatore Bonaccorso at 2022-02-16T06:42:15+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3983,9 +3983,9 @@ CVE-2022-0343
CVE-2022-0342
RESERVED
CVE-2021-46558 (Multiple cross-site scripting (XSS) vulnerabilities in the Add User mo ...)
- TODO: check
+ NOT-FOR-US: Issabel
CVE-2021-46557 (Vicidial 2.14-783a was discovered to contain a cross-site scripting (X ...)
- TODO: check
+ NOT-FOR-US: Vicidial
CVE-2021-46556 (Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ...)
NOT-FOR-US: Cesanta MJS
CVE-2021-46555
@@ -4173,11 +4173,11 @@ CVE-2021-46465
CVE-2021-46464
RESERVED
CVE-2021-46463 (njs through 0.7.1, used in NGINX, was discovered to contain a control ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46462 (njs through 0.7.1, used in NGINX, was discovered to contain a segmenta ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46461 (njs through 0.7.0, used in NGINX, was discovered to contain an out-of- ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46460
RESERVED
CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL injection vulne ...)
@@ -4923,7 +4923,7 @@ CVE-2022-23639 (crossbeam-utils provides atomics, synchronization primitives, sc
CVE-2022-23638 (svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scri ...)
TODO: check
CVE-2022-23637 (K-Box is a web-based application to manage documents, images, videos a ...)
- TODO: check
+ NOT-FOR-US: K-Box
CVE-2022-23636
RESERVED
CVE-2022-23635
@@ -5012,7 +5012,7 @@ CVE-2022-23606
CVE-2022-23605 (Wire webapp is a web client for the wire messaging protocol. In versio ...)
NOT-FOR-US: Wire webapp
CVE-2022-23604 (x26-Cogs is a repository of cogs made by Twentysix for the Red Discord ...)
- TODO: check
+ NOT-FOR-US: x26-Cogs
CVE-2022-23603 (iTunesRPC-Remastered is a discord rich presence application for use wi ...)
NOT-FOR-US: iTunesRPC-Remastered
CVE-2022-23602 (Nimforum is a lightweight alternative to Discourse written in Nim. In ...)
@@ -5622,7 +5622,7 @@ CVE-2022-23386
CVE-2022-23385
RESERVED
CVE-2022-23384 (YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2022-23383
RESERVED
CVE-2022-23382
@@ -5756,7 +5756,7 @@ CVE-2022-23319
CVE-2022-23318
RESERVED
CVE-2022-23317 (CobaltStrike <=4.5 HTTP(S) listener does not determine whether the ...)
- TODO: check
+ NOT-FOR-US: CobaltStrike
CVE-2022-23316 (An issue was discovered in taoCMS v3.0.2. There is an arbitrary file r ...)
NOT-FOR-US: taocms
CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...)
@@ -7935,7 +7935,7 @@ CVE-2022-22772
CVE-2022-22771
RESERVED
CVE-2022-22770 (The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe cont ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX ...)
NOT-FOR-US: TIBCO
CVE-2022-22768
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d4ef1b1f50fbaef15997a687a961ed7a747b684
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d4ef1b1f50fbaef15997a687a961ed7a747b684
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220216/057fe4d2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list