[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 26 09:23:00 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
378bfa24 by Salvatore Bonaccorso at 2022-10-26T10:22:31+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3922,15 +3922,15 @@ CVE-2022-3397 (OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bou
 CVE-2022-3396 (OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds W ...)
 	NOT-FOR-US: OMRON CX-Programmer
 CVE-2022-3395 (The WP All Export Pro WordPress plugin before 1.7.9 uses the contents  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3394 (The WP All Export Pro WordPress plugin before 1.7.9 does not limit som ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3393 (The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3392 (The WP Humans.txt WordPress plugin through 1.0.6 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3391 (The Retain Live Chat WordPress plugin through 0.1 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-42251
 	RESERVED
 CVE-2022-42250 (Simple Cold Storage Management System v1.0 is vulnerable to SQL inject ...)
@@ -5215,7 +5215,7 @@ CVE-2022-3352 (Use After Free in GitHub repository vim/vim prior to 9.0.0614. ..
 CVE-2022-3351 (An issue has been discovered in GitLab EE affecting all versions start ...)
 	- gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2022-3350 (The Contact Bank WordPress plugin through 3.0.30 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3349 (A vulnerability was found in Sony PS4 and PS5. It has been classified  ...)
 	NOT-FOR-US: Sony
 CVE-2022-3348 (Just like in the previous report, an attacker could steal the account  ...)
@@ -5464,7 +5464,7 @@ CVE-2022-3337
 CVE-2022-3336
 	RESERVED
 CVE-2022-3335 (The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 u ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3334
 	RESERVED
 CVE-2022-3333 (A vulnerability, which was classified as problematic, was found in Zep ...)
@@ -5644,11 +5644,11 @@ CVE-2022-3303 (A race condition flaw was found in the Linux kernel sound subsyst
 	- linux 5.19.11-1
 	NOTE: https://git.kernel.org/linus/8423f0b6d513b259fdab9c9bf4aaa6188d054c2d (6.0-rc5)
 CVE-2022-3302 (The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3301 (Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdif ...)
 	- rdiffweb <itp> (bug #969974)
 CVE-2022-3300 (The Form Maker by 10Web WordPress plugin before 1.15.6 does not proper ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-41553
 	RESERVED
 CVE-2022-41552
@@ -6665,9 +6665,9 @@ CVE-2022-3249
 CVE-2022-3248
 	RESERVED
 CVE-2022-3247 (The Blog2Social: Social Media Auto Post & Scheduler WordPress plug ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3246 (The Blog2Social: Social Media Auto Post & Scheduler WordPress plug ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3245 (HTML injection attack is closely related to Cross-site Scripting (XSS) ...)
 	NOT-FOR-US: microweber
 CVE-2022-3244 (The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does n ...)
@@ -11182,7 +11182,7 @@ CVE-2022-3099 (Use After Free in GitHub repository vim/vim prior to 9.0.0360. ..
 CVE-2022-3098 (The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3097 (The LBStopAttack WordPress plugin through 1.1.2 does not use nonces wh ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-3096
 	RESERVED
 CVE-2022-3095
@@ -14442,7 +14442,7 @@ CVE-2022-2764 (A flaw was found in Undertow. Denial of service can be achieved a
 CVE-2022-2763 (The WP Socializer WordPress plugin before 7.3 does not sanitise and es ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2762 (The AdminPad WordPress plugin before 2.2 does not have CSRF check when ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-2761
 	RESERVED
 CVE-2022-2760 (In affected versions of Octopus Deploy it is possible to reveal the Sp ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378bfa24e2578b7bbcbb12ddfd3303c4ca4ae586

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378bfa24e2578b7bbcbb12ddfd3303c4ca4ae586
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221026/ed6d9121/attachment.htm>

More information about the debian-security-tracker-commits mailing list