[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 24 08:23:41 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ebe52bf3 by Salvatore Bonaccorso at 2022-03-24T09:23:11+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1895,21 +1895,21 @@ CVE-2022-27085
 CVE-2022-27084
 	RESERVED
 CVE-2022-27083 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27082 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27081 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27080 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27079 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27078 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27077 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27076 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-27075
 	RESERVED
 CVE-2022-27074
@@ -2878,9 +2878,9 @@ CVE-2022-26678
 CVE-2022-26677
 	RESERVED
 CVE-2022-0889 (The Ninja Forms - File Uploads Extension WordPress plugin is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0888 (The Ninja Forms - File Uploads Extension WordPress plugin is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0887
 	RESERVED
 CVE-2022-0886
@@ -3194,7 +3194,7 @@ CVE-2022-26538
 CVE-2022-26537
 	RESERVED
 CVE-2022-26536 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-26535
 	RESERVED
 CVE-2022-26534 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where  ...)
@@ -3730,7 +3730,7 @@ CVE-2022-26353 (A flaw was found in the virtio-net device of QEMU. This flaw was
 CVE-2022-0835
 	RESERVED
 CVE-2022-0834 (The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0833
 	RESERVED
 CVE-2022-0832 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
@@ -3918,9 +3918,9 @@ CVE-2022-26292
 CVE-2022-26291
 	RESERVED
 CVE-2022-26290 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-26289 (Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command inje ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-26288
 	RESERVED
 CVE-2022-26287
@@ -5091,7 +5091,7 @@ CVE-2022-0751
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/
 CVE-2022-0750 (The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-0749 (This affects all versions of package SinGooCMS.Utility. The socket cli ...)
 	NOT-FOR-US: SinGooCMS
 CVE-2022-0748 (The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Ex ...)
@@ -5692,9 +5692,9 @@ CVE-2022-25611
 CVE-2022-25610
 	RESERVED
 CVE-2022-25609 (Stored Cross-Site Scripting (XSS) in Yoo Slider – Image Slider & ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25608 (Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-25607 (Authenticated (author or higher user role) SQL Injection (SQLi) vulner ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-25606



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebe52bf3cf56905d2f8777d6e93c94133209527a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebe52bf3cf56905d2f8777d6e93c94133209527a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220324/8aba4439/attachment.htm>

More information about the debian-security-tracker-commits mailing list