[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Wed May 11 09:22:54 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1a525534 by Salvatore Bonaccorso at 2022-05-11T10:20:53+02:00
Process some NFUs

- - - - -
ee4d3f49 by Salvatore Bonaccorso at 2022-05-11T10:22:32+02:00
Process one more NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1140,7 +1140,7 @@ CVE-2022-30128
 CVE-2022-30127
 	RESERVED
 CVE-2022-1567 (The WP-JS plugin for WordPress contains a script called wp-js.php with ...)
-	TODO: check
+	NOT-FOR-US: WP-JS plugin for WordPress
 CVE-2022-1566
 	RESERVED
 CVE-2022-1565
@@ -1990,7 +1990,7 @@ CVE-2022-1507 (chafa: NULL Pointer Dereference in function gif_internal_decode_f
 CVE-2022-1506
 	RESERVED
 CVE-2022-1505 (The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQ ...)
-	TODO: check
+	NOT-FOR-US: RSVPMaker plugin for WordPress
 CVE-2022-1504 (XSS in /demo/module/?module=HERE in GitHub repository microweber/micro ...)
 	NOT-FOR-US: microweber
 CVE-2022-29810 (The Hashicorp go-getter library before 1.5.11 does not redact an SSH k ...)
@@ -2154,7 +2154,7 @@ CVE-2022-1477
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1476 (The All-in-One WP Migration plugin for WordPress is vulnerable to arbi ...)
-	TODO: check
+	NOT-FOR-US: All-in-One WP Migration plugin for WordPress
 CVE-2022-1475 (An integer overflow vulnerability was found in FFmpeg 5.0.1 and in pre ...)
 	{DSA-5124-1}
 	- ffmpeg 7:4.4.2-1
@@ -2243,7 +2243,7 @@ CVE-2022-1465
 CVE-2022-1464 (Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the  ...)
 	NOT-FOR-US: Go Git Service
 CVE-2022-1463 (The Booking Calendar plugin for WordPress is vulnerable to PHP Object  ...)
-	TODO: check
+	NOT-FOR-US: Booking Calendar plugin for WordPress
 CVE-2022-1462
 	RESERVED
 CVE-2022-1461 (Non Privilege User can Enable or Disable Registered in GitHub reposito ...)
@@ -2651,7 +2651,7 @@ CVE-2022-1455
 CVE-2022-1454
 	RESERVED
 CVE-2022-1453 (The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQ ...)
-	TODO: check
+	NOT-FOR-US: RSVPMaker plugin for WordPress
 CVE-2022-1452 (Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function i ...)
 	- radare2 <unfixed>
 	NOTE: https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6
@@ -2686,7 +2686,7 @@ CVE-2022-1444 (heap-use-after-free in GitHub repository radareorg/radare2 prior
 CVE-2022-1443
 	RESERVED
 CVE-2022-1442 (The Metform WordPress plugin is vulnerable to sensitive information di ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-29598
 	RESERVED
 CVE-2022-29597
@@ -6019,7 +6019,7 @@ CVE-2022-28343
 CVE-2022-28342
 	RESERVED
 CVE-2022-1209 (The Ultimate Member plugin for WordPress is vulnerable to open redirec ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2022-1208
 	RESERVED
 CVE-2022-1207 (Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6 ...)
@@ -9606,7 +9606,7 @@ CVE-2021-46710
 CVE-2022-27169
 	RESERVED
 CVE-2022-27167 (Privilege escalation vulnerability in Windows products of ESET, spol.  ...)
-	TODO: check
+	NOT-FOR-US: ESET
 CVE-2022-27166
 	RESERVED
 CVE-2022-26511 (WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1044b2cd87ff5a4f3e0e185d1f50636c0a783294...ee4d3f49e9b3397defcc0b0c6ed808867a340c3a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1044b2cd87ff5a4f3e0e185d1f50636c0a783294...ee4d3f49e9b3397defcc0b0c6ed808867a340c3a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220511/c3887d73/attachment.htm>
