[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 21 08:20:50 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0aa95ec2 by Salvatore Bonaccorso at 2022-01-21T09:20:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1157,9 +1157,9 @@ CVE-2022-23317
 CVE-2022-23316
 	RESERVED
 CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...)
-	TODO: check
+	NOT-FOR-US: MCMS
 CVE-2022-23314 (MCMS v5.2.4 was discovered to contain a SQL injection vulnerability vi ...)
-	TODO: check
+	NOT-FOR-US: MCMS
 CVE-2022-23313
 	RESERVED
 CVE-2022-22137
@@ -1313,33 +1313,33 @@ CVE-2021-46337 (There is an Assertion 'page_p != NULL' failed at /parser/js/js-p
 CVE-2021-46336 (There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' f ...)
 	TODO: check
 CVE-2021-46335 (Moddable SDK v11.5.0 was discovered to contain a NULL pointer derefere ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46334 (Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46333 (Moddable SDK v11.5.0 was discovered to contain an invalid memory acces ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46332 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow  ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46331 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46330 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46329 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46328 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow  ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46327 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46326 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow  ...)
-	TODO: check
+	NOT-FOR-US: Moddable SDK
 CVE-2021-46325 (Espruino 2v10.246 was discovered to contain a stack buffer overflow vi ...)
-	TODO: check
+	NOT-FOR-US: Espruino
 CVE-2021-46324 (Espruino 2v11.251 was discovered to contain a stack buffer overflow vi ...)
-	TODO: check
+	NOT-FOR-US: Espruino
 CVE-2021-46323 (Espruino 2v11.251 was discovered to contain a SEGV vulnerability via s ...)
-	TODO: check
+	NOT-FOR-US: Espruino
 CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability via th ...)
-	TODO: check
+	NOT-FOR-US: Duktape
 CVE-2021-46321
 	RESERVED
 CVE-2021-46320
@@ -2468,11 +2468,11 @@ CVE-2022-22932
 CVE-2022-22931
 	RESERVED
 CVE-2022-22930 (A remote code execution (RCE) vulnerability in the Template Management ...)
-	TODO: check
+	NOT-FOR-US: MCMS
 CVE-2022-22929 (MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: MCMS
 CVE-2022-22928 (MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing att ...)
-	TODO: check
+	NOT-FOR-US: MCMS
 CVE-2022-22927
 	RESERVED
 CVE-2022-22926
@@ -4656,7 +4656,7 @@ CVE-2021-46063
 CVE-2021-46062
 	RESERVED
 CVE-2021-46061 (An SQL Injection vulnerability exists in Sourcecodester Computer and M ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester
 CVE-2021-46060
 	REJECTED
 CVE-2021-46059



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0aa95ec24e5b365a223c6905cb517c94561aa7c9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0aa95ec24e5b365a223c6905cb517c94561aa7c9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220121/160b9156/attachment.htm>


More information about the debian-security-tracker-commits mailing list