[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3e6b7b7a by Salvatore Bonaccorso at 2022-03-18T21:14:46+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4393,17 +4393,17 @@ CVE-2022-25609
 CVE-2022-25608
 	RESERVED
 CVE-2022-25607 (Authenticated (author or higher user role) SQL Injection (SQLi) vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25606
 	RESERVED
 CVE-2022-25605 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabiliti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25604 (Authenticated (contributor of higher user role) Stored Cross-Site Scri ...)
 	TODO: check
 CVE-2022-25603 (Authenticated (author or higher user role) Stored Cross-Site Scripting ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25602 (Nonce token leak vulnerability leading to arbitrary file upload, theme ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25601 (Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-25600 (Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marke ...)
@@ -12329,7 +12329,7 @@ CVE-2021-44779 (Unauthenticated SQL Injection (SQLi) vulnerability discovered in
 CVE-2021-44777 (Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-44760 (Authenticated Reflected Cross-Site Scripting (XSS) vulnerability disco ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-4207
 	RESERVED
 CVE-2021-4206
@@ -12343,11 +12343,11 @@ CVE-2021-26256 (Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
 CVE-2021-23227 (Cross-Site Request Forgery (CSRF) vulnerability discovered in PHP Ever ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-23209 (Multiple Authenticated (admin user role) Persistent Cross-Site Scripti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-23174 (Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-23150 (Authenticated (admin or higher user role) Stored Cross-Site Scripting  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unpr ...)
 	NOT-FOR-US: Apache Traffic Control
 CVE-2022-23205
@@ -38377,7 +38377,7 @@ CVE-2021-39048 (IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack
 CVE-2021-39047
 	RESERVED
 CVE-2021-39046 (IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Bu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-39045
 	RESERVED
 CVE-2021-39044 (IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site re ...)
@@ -61555,7 +61555,7 @@ CVE-2021-29901
 CVE-2021-29900
 	RESERVED
 CVE-2021-29899 (IBM Engineering Requirements Quality Assistant prior to 3.1.3 could al ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29898
 	RESERVED
 CVE-2021-29897



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e6b7b7a990f8382012d4cd9342e05e2e629912e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e6b7b7a990f8382012d4cd9342e05e2e629912e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220318/ff71d1b2/attachment.htm>