[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 15 20:31:02 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ee955af5 by Salvatore Bonaccorso at 2022-03-15T21:30:19+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -211,21 +211,21 @@ CVE-2022-0970 (Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/
CVE-2022-0969
RESERVED
CVE-2022-0968 (The microweber application allows large characters to insert in the in ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2022-0967 (Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in Gi ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0966 (Stored XSS via File Upload in star7th/showdoc in GitHub repository sta ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0965 (Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0964 (Stored XSS viva .webmv file upload in GitHub repository star7th/showdo ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0963 (Unrestricted XML Files Leads to Stored XSS in GitHub repository microw ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2022-0962 (Stored XSS viva .webma file upload in GitHub repository star7th/showdo ...)
NOT-FOR-US: ShowDoc
CVE-2022-0961 (The microweber application allows large characters to insert in the in ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2022-0960 (Stored XSS viva .properties file upload in GitHub repository star7th/s ...)
NOT-FOR-US: ShowDoc
CVE-2022-0959
@@ -233,21 +233,21 @@ CVE-2022-0959
CVE-2022-0958
RESERVED
CVE-2022-0957 (Stored XSS via File Upload in GitHub repository star7th/showdoc prior ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0956 (Stored XSS via File Upload in GitHub repository star7th/showdoc prior ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0955
RESERVED
CVE-2022-0954 (Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's O ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2022-0953
RESERVED
CVE-2022-0952
RESERVED
CVE-2022-0951 (File Upload Restriction Bypass leading to Stored XSS Vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0950 (Unrestricted Upload of File with Dangerous Type in GitHub repository s ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0949
RESERVED
CVE-2022-0948
@@ -643,7 +643,7 @@ CVE-2022-26981 (Liblouis through 3.21.0 has a buffer overflow in compilePassOpco
CVE-2022-26980
RESERVED
CVE-2022-0942 (Stored XSS due to Unrestricted File Upload in GitHub repository star7t ...)
- TODO: check
+ NOT-FOR-US: ShowDoc
CVE-2022-0941 (Stored XSS due to Unrestricted File Upload in GitHub repository star7t ...)
NOT-FOR-US: ShowDoc
CVE-2022-0940 (Stored XSS due to Unrestricted File Upload in GitHub repository star7t ...)
@@ -1142,7 +1142,7 @@ CVE-2022-26781
CVE-2022-26780
RESERVED
CVE-2022-26779 (Apache CloudStack prior to 4.16.1.0 used insecure random number genera ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2022-0906 (Unrestricted file upload leads to stored XSS in GitHub repository micr ...)
NOT-FOR-US: microweber
CVE-2022-0905 (Improper Authorization in GitHub repository go-gitea/gitea prior to 1. ...)
@@ -1168,9 +1168,9 @@ CVE-2022-0896 (Improper Neutralization of Special Elements Used in a Template En
CVE-2022-0895 (Static Code Injection in GitHub repository microweber/microweber prior ...)
NOT-FOR-US: microweber
CVE-2022-0894 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0893 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0892
RESERVED
CVE-2021-46707
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee955af5bf122d59aea225ef3706c4c317d558e0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee955af5bf122d59aea225ef3706c4c317d558e0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220315/b2c9d7b2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list