[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 14 20:43:42 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9d3a91ba by Salvatore Bonaccorso at 2022-11-14T21:41:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -285,7 +285,7 @@ CVE-2022-45380
CVE-2022-45379
RESERVED
CVE-2022-45378 (** UNSUPPORTED WHEN ASSIGNED ** In the default configuration of Apache ...)
- TODO: check
+ NOT-FOR-US: Apache SOAP
CVE-2022-45377
RESERVED
CVE-2022-45376
@@ -641,7 +641,7 @@ CVE-2022-45200
CVE-2022-3993 (Authentication Bypass by Primary Weakness in GitHub repository kareadi ...)
TODO: check
CVE-2022-3992 (A vulnerability classified as problematic was found in SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Sanitization Management System
CVE-2022-3991
RESERVED
CVE-2022-3990
@@ -649,7 +649,7 @@ CVE-2022-3990
CVE-2022-3989
RESERVED
CVE-2022-3988 (A vulnerability was found in Frappe. It has been rated as problematic. ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2022-3987
RESERVED
CVE-2022-3986
@@ -754,7 +754,7 @@ CVE-2022-45186
CVE-2022-45185
RESERVED
CVE-2022-45184 (The Web Server in Ironman Software PowerShell Universal v3.x and v2.x ...)
- TODO: check
+ NOT-FOR-US: Ironman Software PowerShell Universal
CVE-2022-45183 (Escalation of privileges in the Web Server in Ironman Software PowerSh ...)
NOT-FOR-US: Ironman
CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module ...)
@@ -7284,11 +7284,11 @@ CVE-2022-43696
CVE-2022-43695
RESERVED
CVE-2022-43694 (Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9 ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43693 (Concrete CMS is vulnerable to CSRF due to the lack of "State" paramete ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43692 (Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9 ...)
- TODO: check
+ NOT-FOR-US: Concrete CMS
CVE-2022-43691
RESERVED
CVE-2022-43690
@@ -8363,7 +8363,7 @@ CVE-2022-43344
CVE-2022-43343 (N-Prolog v1.91 was discovered to contain a global buffer overflow vuln ...)
NOT-FOR-US: N-Prolog
CVE-2022-43342 (A stored cross-site scripting (XSS) vulnerability in the Add function ...)
- TODO: check
+ NOT-FOR-US: Eramba GRC Software
CVE-2022-43341
RESERVED
CVE-2022-43340 (A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows ...)
@@ -8471,7 +8471,7 @@ CVE-2022-43290 (Canteen Management System v1.0 was discovered to contain a SQL i
CVE-2022-43289
RESERVED
CVE-2022-43288 (Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-43287
RESERVED
CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug c ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d3a91badda70b9b311e856e6d2506b81f07496a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d3a91badda70b9b311e856e6d2506b81f07496a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221114/6fc8c4ed/attachment.htm>
More information about the debian-security-tracker-commits
mailing list