[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Wed May 18 11:42:22 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
35be4da3 by Neil Williams at 2022-05-18T11:41:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17308,7 +17308,7 @@ CVE-2022-24858 (next-auth v3 users before version 3.29.2 are impacted. next-auth
CVE-2022-24857 (django-mfa3 is a library that implements multi factor authentication f ...)
NOT-FOR-US: django-mfa3
CVE-2022-24856 (FlyteConsole is the web user interface for the Flyte platform. FlyteCo ...)
- TODO: check
+ NOT-FOR-US: flyteorg/flyteconsole
CVE-2022-24855 (Metabase is an open source business intelligence and analytics applica ...)
NOT-FOR-US: Metabase
CVE-2022-24854 (Metabase is an open source business intelligence and analytics applica ...)
@@ -18191,7 +18191,7 @@ CVE-2022-24613 (metadata-extractor up to 2.16.0 can throw various uncaught excep
CVE-2022-24612 (An authenticated user can upload an XML file containing an XSS via the ...)
NOT-FOR-US: EyesOfNetwork (EON) eonweb
CVE-2022-24611 (Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specificati ...)
- TODO: check
+ NOT-FOR-US: Z-Wave devices
CVE-2022-24610 (Settings/network settings/wireless settings on the Alecto DVC-215IP ca ...)
NOT-FOR-US: Alecto
CVE-2022-24609 (Luocms v2.0 is affected by an incorrect access control vulnerability. ...)
@@ -18749,19 +18749,19 @@ CVE-2022-24396 (The Simple Diagnostics Agent - versions 1.0 up to version 1.57,
CVE-2022-24395 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.3 ...)
NOT-FOR-US: SAP
CVE-2022-24394 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24393 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24392 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24391 (Vulnerability in Fidelis Network and Deception CommandPost enables SQL ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24390 (Vulnerability in rconfig “remote_text_file” enables an att ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24389 (Vulnerability in rconfig “cert_utils” enables an attacker ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24388 (Vulnerability in rconfig “date” enables an attacker with u ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2022-24387 (With administrator or admin privileges the application can be tricked ...)
NOT-FOR-US: SmarterTrack
CVE-2022-24386 (Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterToo ...)
@@ -19800,7 +19800,7 @@ CVE-2022-24110 (Kiteworks MFT 7.5 may allow an unauthorized user to reset other
CVE-2022-24109
RESERVED
CVE-2022-24108 (The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remot ...)
- TODO: check
+ NOT-FOR-US: OpenCart plugin
CVE-2022-24107
RESERVED
CVE-2022-24106
@@ -21582,7 +21582,7 @@ CVE-2022-23708 (A flaw was discovered in Elasticsearch 7.17.0’s upgrade as
CVE-2022-23707 (An XSS vulnerability was found in Kibana index patterns. Using this vu ...)
- kibana <itp> (bug #700337)
CVE-2022-23706 (A remote cross-site scripting (xss) vulnerability was discovered in HP ...)
- TODO: check
+ NOT-FOR-US: HPE OneView
CVE-2022-23705 (A security vulnerability has been identified in HPE Nimble Storage Hyb ...)
NOT-FOR-US: HPE
CVE-2022-23704 (A potential security vulnerability has been identified in Integrated L ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35be4da3b4a9a58e9b1bf324603e1a9e3c15e8ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35be4da3b4a9a58e9b1bf324603e1a9e3c15e8ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220518/ca2ba8f5/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list