[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jan 6 08:29:56 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cba5df20 by Salvatore Bonaccorso at 2022-01-06T09:29:27+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64,7 +64,7 @@ CVE-2022-22150
CVE-2022-0130
RESERVED
CVE-2021-46145 (The keyfob subsystem in Honda Civic 2012 vehicles allows a replay atta ...)
- TODO: check
+ NOT-FOR-US: keyfob subsystem in Honda Civic 2012 vehicles
CVE-2021-46143 (In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an int ...)
- expat <unfixed>
NOTE: https://github.com/libexpat/libexpat/issues/532
@@ -312,9 +312,9 @@ CVE-2022-22569
CVE-2022-22568
RESERVED
CVE-2022-0122 (forge is vulnerable to URL Redirection to Untrusted Site ...)
- TODO: check
+ NOT-FOR-US: forge
CVE-2022-0121 (hoppscotch is vulnerable to Exposure of Sensitive Information to an Un ...)
- TODO: check
+ NOT-FOR-US: hoppscotch
CVE-2022-22567
RESERVED
CVE-2022-22566
@@ -1368,11 +1368,11 @@ CVE-2021-45972 (The giftrans function in giftrans 1.12.2 contains a stack-based
- giftrans <unfixed> (bug #1002739; unimportant)
NOTE: Negligible security impact; crash in CLI tool
CVE-2021-45971 (An issue was discovered in SdHostDriver in Insyde InsydeH2O with kerne ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45970 (An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5 ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45969 (An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45968
RESERVED
CVE-2021-45967
@@ -8100,9 +8100,9 @@ CVE-2022-21654
CVE-2022-21653 (Jawn is an open source JSON parser. Extenders of the `org.typelevel.ja ...)
TODO: check
CVE-2022-21652 (Shopware is an open source e-commerce software platform. In affected v ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-21651 (Shopware is an open source e-commerce software platform. An open redir ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-21650 (Convos is an open source multi-user chat that runs in a web browser. Y ...)
NOT-FOR-US: Convos
CVE-2022-21649 (Convos is an open source multi-user chat that runs in a web browser. C ...)
@@ -8148,7 +8148,7 @@ CVE-2021-43949
CVE-2021-43948
RESERVED
CVE-2021-43947 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-43946 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
NOT-FOR-US: Atlassian
CVE-2021-43945
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba5df2031610aa7fdd36bb6a235866380e6ab88
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba5df2031610aa7fdd36bb6a235866380e6ab88
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220106/d0a22576/attachment.htm>
More information about the debian-security-tracker-commits
mailing list