[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Fri Sep 2 10:38:55 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
70168e2d by Neil Williams at 2022-09-02T10:38:32+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -295,7 +295,7 @@ CVE-2022-3074
CVE-2022-3073
RESERVED
CVE-2022-3072 (Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacqu ...)
- TODO: check
+ NOT-FOR-US: francoisjacquet/rosariosis
CVE-2006-20001
RESERVED
CVE-2022-XXXX [wordpress 6.0.2]
@@ -36901,7 +36901,7 @@ CVE-2022-25233
CVE-2022-25232
RESERVED
CVE-2022-25231 (The package node-opcua before 2.74.0 are vulnerable to Denial of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-25171
RESERVED
CVE-2022-24913
@@ -36941,7 +36941,7 @@ CVE-2022-24377
CVE-2022-24376 (All versions of package git-promise are vulnerable to Command Injectio ...)
NOT-FOR-US: Node git-promise
CVE-2022-24375 (The package node-opcua before 2.74.0 are vulnerable to Denial of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-24373
RESERVED
CVE-2022-24298 (All versions of package freeopcua/freeopcua are vulnerable to Denial o ...)
@@ -37014,7 +37014,7 @@ CVE-2022-21213 (This affects all versions of package mout. The deepFillIn functi
CVE-2022-21211 (This affects all versions of package posix. When invoking the toString ...)
NOT-FOR-US: Node posix
CVE-2022-21208 (The package node-opcua before 2.74.0 are vulnerable to Denial of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-21195 (All versions of package url-regex are vulnerable to Regular Expression ...)
NOT-FOR-US: AlexFlipnote/url_regex
CVE-2022-21192
@@ -37034,7 +37034,7 @@ CVE-2022-21169
CVE-2022-21167 (All versions of package masuit.tools.core are vulnerable to Arbitrary ...)
NOT-FOR-US: masuit.tools
CVE-2022-21165 (All versions of package font-converter are vulnerable to Arbitrary Com ...)
- TODO: check
+ NOT-FOR-US: zgec/node-js-font-converter
CVE-2022-21164 (The package node-lmdb before 0.9.7 are vulnerable to Denial of Service ...)
NOT-FOR-US: Node lmdb
CVE-2022-21149 (The package s-cart/s-cart before 6.9; the package s-cart/core before 6 ...)
@@ -63416,7 +63416,7 @@ CVE-2022-20361 (In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vuln
CVE-2022-20360 (In setChecked of SecureNfcPreferenceController.java, there is a missin ...)
NOT-FOR-US: Android
CVE-2022-20359 (In various methods of NotificationManagerService.java, there is a poss ...)
- TODO: check
+ TODO: check - not listed in linked bulletin
CVE-2022-20358 (In startSync of AbstractThreadedSyncAdapter.java, there is a possible ...)
NOT-FOR-US: Android
CVE-2022-20357 (In writeToParcel of SurfaceControl.cpp, there is a possible informatio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70168e2dafe1db371a550c15d388342872e028bd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70168e2dafe1db371a550c15d388342872e028bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220902/0ab866bc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list