[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jan 17 20:44:35 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ef00b22 by Salvatore Bonaccorso at 2022-01-17T21:44:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,17 +15,17 @@ CVE-2022-0260
CVE-2022-0259
RESERVED
CVE-2022-0258 (pimcore is vulnerable to Improper Neutralization of Special Elements u ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0257 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0256 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0255
RESERVED
CVE-2022-0254
RESERVED
CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
- TODO: check
+ NOT-FOR-US: livehelperchat
CVE-2022-0252
RESERVED
CVE-2022-0251
@@ -693,9 +693,9 @@ CVE-2022-0186
CVE-2022-0185
RESERVED
CVE-2022-0184 (Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR59 ...)
- TODO: check
+ NOT-FOR-US: TEPRA
CVE-2022-0183 (Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 ...)
- TODO: check
+ NOT-FOR-US: MIRUPASS
CVE-2020-36515
RESERVED
CVE-2022-23101
@@ -939,11 +939,11 @@ CVE-2022-21210
CVE-2022-21145
RESERVED
CVE-2022-0182 (Stored cross-site scripting vulnerability in Quiz And Survey Master ve ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0181 (Reflected cross-site scripting vulnerability in Quiz And Survey Master ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0180 (Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Mas ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0179 (snipe-it is vulnerable to Improper Access Control ...)
NOT-FOR-US: snipe-it
CVE-2022-0178 (snipe-it is vulnerable to Improper Access Control ...)
@@ -2016,7 +2016,7 @@ CVE-2022-0133 (peertube is vulnerable to Improper Access Control ...)
CVE-2022-0132 (peertube is vulnerable to Server-Side Request Forgery (SSRF) ...)
- peertube <itp> (bug #950821)
CVE-2022-0131 (Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API ...)
- TODO: check
+ NOT-FOR-US: Jimoty App for Android
CVE-2021-4201
RESERVED
CVE-2022-22708
@@ -25748,7 +25748,7 @@ CVE-2021-38967 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileg
CVE-2021-38966 (IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site script ...)
NOT-FOR-US: IBM
CVE-2021-38965 (IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38964
RESERVED
CVE-2021-38963
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef00b2233fb5e9f4bd7706ff90e0b326a8025d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef00b2233fb5e9f4bd7706ff90e0b326a8025d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220117/1f029488/attachment.htm>
More information about the debian-security-tracker-commits
mailing list