[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jul 25 19:26:58 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5c0aebb by Moritz Muehlenhoff at 2022-07-25T20:26:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2022-2525
 CVE-2022-2524
 	RESERVED
 CVE-2017-20145 (A vulnerability was found in Tecrail Responsive Filemanger up to 9.10. ...)
-	TODO: check
+	NOT-FOR-US: Tecrail Responsive Filemanger
 CVE-2017-20144 (A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1. ...)
-	TODO: check
+	NOT-FOR-US: Anvsoft PDFMate PDF Converter Pro
 CVE-2022-36400
 	RESERVED
 CVE-2022-36392
@@ -33911,7 +33911,7 @@ CVE-2022-0472 (Unrestricted Upload of File with Dangerous Type in Packagist jsde
 CVE-2022-0471 (The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 doe ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-24294 (A regular expression used in Apache MXNet (incubating) is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Apache MXNet
 CVE-2022-24293 (Certain HP Print devices may be vulnerable to potential information di ...)
 	NOT-FOR-US: HP
 CVE-2022-24292 (Certain HP Print devices may be vulnerable to potential information di ...)
@@ -175578,7 +175578,7 @@ CVE-2020-7643 (paypal-adaptive through 0.4.2 manipulation of JavaScript objects
 CVE-2020-7642 (lazysizes through 5.2.0 allows execution of malicious JavaScript. The  ...)
 	NOT-FOR-US: Node lazysizes
 CVE-2020-7641 (This affects all versions of package grunt-util-property. The function ...)
-	TODO: check
+	NOT-FOR-US: Node grunt-util-property
 CVE-2020-7640 (pixl-class prior to 1.0.3 allows execution of arbitrary commands. The  ...)
 	NOT-FOR-US: Node pixl-class
 CVE-2020-7639 (eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.T ...)
@@ -221713,7 +221713,7 @@ CVE-2019-10802 (giting version prior to 0.0.8 allows execution of arbritary comm
 CVE-2019-10801 (enpeem through 2.2.0 allows execution of arbitrary commands. The "opti ...)
 	NOT-FOR-US: Node enpeem
 CVE-2019-10800 (This affects the package codecov before 2.0.16. The vulnerability occu ...)
-	TODO: check
+	NOT-FOR-US: codecov
 CVE-2019-10799 (compile-sass prior to 1.0.5 allows execution of arbritary commands. Th ...)
 	NOT-FOR-US: Node module compile-sass
 CVE-2019-10798 (rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects r ...)
@@ -221813,7 +221813,7 @@ CVE-2019-10763 (pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An
 CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to perform a ...)
 	NOT-FOR-US: medoo
 CVE-2019-10761 (This affects the package vm2 before 3.6.11. It is possible to trigger  ...)
-	TODO: check
+	NOT-FOR-US: vm2
 CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A  ...)
 	NOT-FOR-US: safer-eval Node module
 CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A  ...)
@@ -390710,7 +390710,7 @@ CVE-2015-7984 (Multiple cross-site request forgery (CSRF) vulnerabilities in Hor
 	NOTE: https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
 	NOTE: http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
 CVE-2015-8031 (Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE ...)
-	TODO: check
+	NOT-FOR-US: Hudson
 CVE-2015-8030 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execu ...)
 	NOT-FOR-US: SAP
 CVE-2015-8029 (SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c0aebbb22b124bcb3b050bd51db1217aa1c255

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c0aebbb22b124bcb3b050bd51db1217aa1c255
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220725/59acf78d/attachment.htm>

More information about the debian-security-tracker-commits mailing list