[Git][security-tracker-team/security-tracker][master] Drop some wokarounded entries which were added due to bugs in the downcoverted CVE JSON v4 feeds
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 28 22:27:18 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
732dcbe3 by Salvatore Bonaccorso at 2023-04-28T23:26:24+02:00
Drop some wokarounded entries which were added due to bugs in the downcoverted CVE JSON v4 feeds
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6561,7 +6561,6 @@ CVE-2023-1707
RESERVED
CVE-2023-1706
REJECTED
- NOT-FOR-US: Unused CVE
CVE-2023-1705
RESERVED
CVE-2023-1704 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
@@ -6834,7 +6833,6 @@ CVE-2023-1660
RESERVED
CVE-2023-1659
REJECTED
- NOT-FOR-US: rejected CVE
CVE-2023-1658
RESERVED
CVE-2023-1657
@@ -10161,7 +10159,6 @@ CVE-2023-1272
RESERVED
CVE-2023-1271
REJECTED
- NOT-FOR-US: Duplicated CVE entry
CVE-2023-1270 (Cross-site Scripting in GitHub repository btcpayserver/btcpayserver pr ...)
NOT-FOR-US: btcpayserver
CVE-2023-1269 (Use of Hard-coded Credentials in GitHub repository alextselegidis/easy ...)
@@ -13968,7 +13965,6 @@ CVE-2023-1016
RESERVED
CVE-2023-1015
REJECTED
- NOT-FOR-US: Rejected CVE
CVE-2023-1014 (Improper Protection for Outbound Error Messages and Alert Signals vuln ...)
NOT-FOR-US: Virames Vira-Investing
CVE-2023-1013 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
@@ -25120,7 +25116,6 @@ CVE-2023-0116
RESERVED
CVE-2023-0115
REJECTED
- NOT-FOR-US: REJECTED
CVE-2022-4881 (A vulnerability was found in CapsAdmin PAC3. It has been rated as prob ...)
NOT-FOR-US: CapsAdmin PAC3
CVE-2021-4309 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -30873,7 +30868,6 @@ CVE-2022-4464 (Themify Portfolio Post WordPress plugin before 1.2.1 does not val
NOT-FOR-US: WordPress plugin
CVE-2022-4463
REJECTED
- NOT-FOR-US: Unused CVE
CVE-2022-4462 (An issue has been discovered in GitLab affecting all versions starting ...)
- gitlab <unfixed>
CVE-2022-4461
@@ -40478,22 +40472,16 @@ CVE-2022-44542 (lesspipe before 2.06 allows attackers to execute code via Perl S
NOT-FOR-US: lesspipe (not the same as lesspipe contained in src:less)
CVE-2022-44541
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44540
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44539
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44538
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44537
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44536
REJECTED
- NOT-FOR-US: HPE
CVE-2022-44535 (A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-b ...)
NOT-FOR-US: Aruba
CVE-2022-44534 (A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-b ...)
@@ -43859,148 +43847,100 @@ CVE-2022-43831
RESERVED
CVE-2022-43830
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43829
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43828
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43827
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43826
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43825
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43824
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43823
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43822
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43821
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43820
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43819
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43818
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43817
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43816
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43815
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43814
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43813
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43812
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43811
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43810
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43809
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43808
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43807
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43806
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43805
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43804
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43803
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43802
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43801
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43800
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43799
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43798
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43797
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43796
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43795
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43794
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43793
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43792
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43791
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43790
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43789
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43788
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43787
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43786
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43785
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43784
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43783
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-43782 (Affected versions of Atlassian Crowd allow an attacker to authenticate ...)
NOT-FOR-US: Atlassian
CVE-2022-43781 (There is a command injection vulnerability using environment variables ...)
@@ -44354,12 +44294,10 @@ CVE-2022-41798 (Session information easily guessable vulnerability exists in Kyo
NOT-FOR-US: Kyocera Document Solutions
CVE-2022-3680
REJECTED
- NOT-FOR-US: REJECTED CVE not correctly downconverted for feed
CVE-2022-3679 (The Starter Templates by Kadence WP WordPress plugin before 1.2.17 uns ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3678
REJECTED
- NOT-FOR-US: REJECTED CVE not correctly downconverted for feed
CVE-2022-3677 (The Advanced Import WordPress plugin before 1.3.8 does not have CSRF c ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3676 (In Eclipse Openj9 before version 0.35.0, interface calls can be inline ...)
@@ -48599,7 +48537,6 @@ CVE-2022-3405
RESERVED
CVE-2022-3404
REJECTED
- NOT-FOR-US: Unused CVE
CVE-2022-3403
RESERVED
CVE-2022-3402 (The Log HTTP Requests plugin for WordPress is vulnerable to Stored Cro ...)
@@ -60149,37 +60086,26 @@ CVE-2022-37952 (A reflected cross-site scripting (XSS) vulnerability exists in t
NOT-FOR-US: iHistorian Data Display of WorkstationST
CVE-2022-37951
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37950
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37949
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37948
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37947
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37946
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37945
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37944
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37943
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37942
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37941
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2022-37940 (Potential security vulnerabilities have been identified in the HPE Fle ...)
NOT-FOR-US: HPE
CVE-2022-37939 (A potential security vulnerability has been identified in HPE Superdom ...)
@@ -63185,7 +63111,6 @@ CVE-2022-36828
RESERVED
CVE-2022-36827
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-36826
RESERVED
CVE-2022-36825
@@ -63208,7 +63133,6 @@ CVE-2022-36817
RESERVED
CVE-2022-36816
REJECTED
- NOT-FOR-US: Atlassian
CVE-2022-36815
RESERVED
CVE-2022-36814
@@ -65589,7 +65513,6 @@ CVE-2022-2446
RESERVED
CVE-2022-2445
REJECTED
- NOT-FOR-US: Unvalid CVE
CVE-2022-2444 (The Visualizer: Tables and Charts Manager for WordPress plugin for Wor ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2443 (The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Si ...)
@@ -70271,7 +70194,6 @@ CVE-2022-2177 (Kayrasoft product before version 2 has an unauthenticated SQL Inj
NOT-FOR-US: Kayrasoft
CVE-2022-2176
REJECTED
- NOT-FOR-US: rejected CVE
CVE-2022-2175 (Buffer Over-read in GitHub repository vim/vim prior to 8.2.)
- vim 2:9.0.0135-1 (unimportant)
NOTE: https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55
@@ -92730,10 +92652,8 @@ CVE-2022-26426 (In camera isp, there is a possible out of bounds write due to a
NOT-FOR-US: MediaTek driver for Android
CVE-2022-26418
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26416
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26414 (A potential buffer overflow vulnerability was identified in some inter ...)
NOT-FOR-US: Zyxel
CVE-2022-26413 (A command injection vulnerability in the CGI program of Zyxel VMG3312- ...)
@@ -92742,54 +92662,38 @@ CVE-2022-26348 (Command Centre Server is vulnerable to SQL Injection via Windows
NOT-FOR-US: gallagher
CVE-2022-26347
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26339
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26123
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26087
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26078 (Gallagher Controller 6000 is vulnerable to a Denial of Service attack ...)
NOT-FOR-US: Gallagher
CVE-2022-26058
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26055
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26053
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26039
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26031
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-26027
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-25997
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-25968
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-25957
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-25920
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-25889
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-21224
REJECTED
- NOT-FOR-US: Unused ID
CVE-2022-0864 (The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.22.9 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0863 (The WP SVG Icons WordPress plugin through 3.2.3 does not properly vali ...)
@@ -110951,7 +110855,6 @@ CVE-2021-45033 (A vulnerability has been identified in CP-8000 MASTER MODULE WIT
NOT-FOR-US: Siemens
CVE-2021-45032
REJECTED
- NOT-FOR-US: Rejected CVE
CVE-2021-45031 (A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in ...)
NOT-FOR-US: MEPSAN
CVE-2021-45030
@@ -125797,19 +125700,14 @@ CVE-2021-41011 (LINE client for iOS before 11.15.0 might expose authentication i
NOT-FOR-US: LINE client for iOS
CVE-2021-41010
REJECTED
- NOT-FOR-US: HPE
CVE-2021-41009
REJECTED
- NOT-FOR-US: HPE
CVE-2021-41008
REJECTED
- NOT-FOR-US: HPE
CVE-2021-41007
REJECTED
- NOT-FOR-US: HPE
CVE-2021-41006
REJECTED
- NOT-FOR-US: HPE
CVE-2021-41005 (A remote vulnerability was discovered in Aruba Instant On 1930 Switch ...)
NOT-FOR-US: Aruba Instant On
CVE-2021-41004 (A remote vulnerability was discovered in Aruba Instant On 1930 Switch ...)
@@ -163501,7 +163399,6 @@ CVE-2021-26266 (cPanel before 92.0.9 allows a Reseller to bypass the suspension
NOT-FOR-US: cPanel
CVE-2021-26246
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-26245
RESERVED
CVE-2021-26244
@@ -163793,18 +163690,14 @@ CVE-2021-26124
RESERVED
CVE-2021-23232
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23230 (A SQL Injection vulnerability in the OPCUA interface of Gallagher Comm ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23224
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23220
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23212
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23211 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23205 (Improper Encoding or Escaping in Gallagher Command Centre Server allow ...)
@@ -163813,14 +163706,12 @@ CVE-2021-23204 (Exposure of Sensitive Information to an Unauthorized Actor vulne
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23199
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23197 (Unquoted service path vulnerability in the Gallagher Controller Servic ...)
NOT-FOR-US: Gallagher Controller Service
CVE-2021-23193 (Improper privilege validation vulnerability in COM Interface of Gallag ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23185
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2021-23182 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2021-23167 (Improper certificate validation vulnerability in SMTP Client allows ma ...)
@@ -199299,16 +199190,12 @@ CVE-2020-24646 (A tftpserver stack-based buffer overflow remote code execution v
NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24645
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-24644
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-24643
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-24642
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-24641 (In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Fo ...)
NOT-FOR-US: Aruba
CVE-2020-24640 (There is a vulnerability caused by insufficient input validation that ...)
@@ -242795,7 +242682,6 @@ CVE-2020-7119 (A vulnerability exists in the Aruba Analytics and Location Engine
NOT-FOR-US: Aruba
CVE-2020-7118
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-7117 (The ClearPass Policy Manager WebUI administrative interface has an aut ...)
NOT-FOR-US: ClearPass Policy Manager WebUI
CVE-2020-7116 (The ClearPass Policy Manager WebUI administrative interface has an aut ...)
@@ -242808,7 +242694,6 @@ CVE-2020-7113 (A vulnerability was found when an attacker, while communicating w
NOT-FOR-US: ClearPass
CVE-2020-7112
REJECTED
- NOT-FOR-US: Unused CVE ID
CVE-2020-7111 (A server side injection vulnerability exists which could allow an auth ...)
NOT-FOR-US: ClearPass
CVE-2020-7110 (ClearPass is vulnerable to Stored Cross Site Scripting by allowing a m ...)
@@ -303488,7 +303373,6 @@ CVE-2019-5326 (An administrative application user of or application user with wr
NOT-FOR-US: Aruba Airwave VisualRF
CVE-2019-5325
REJECTED
- NOT-FOR-US: HPE
CVE-2019-5324
REJECTED
CVE-2019-5323 (There are command injection vulnerabilities present in the AirWave app ...)
@@ -303507,14 +303391,12 @@ CVE-2019-5317 (A local authentication bypass vulnerability was discovered in som
NOT-FOR-US: Aruba
CVE-2019-5316
REJECTED
- NOT-FOR-US: HPE
CVE-2019-5315 (A command injection vulnerability is present in the web management int ...)
NOT-FOR-US: ArubaOS
CVE-2019-5314 (Some web components in the ArubaOS software are vulnerable to HTTP Res ...)
NOT-FOR-US: ArubaOS
CVE-2019-5313
REJECTED
- NOT-FOR-US: HPE
CVE-2019-5312 (An issue was discovered in weixin-java-tools v3.3.0. There is an XXE v ...)
NOT-FOR-US: weixin-java-tools
CVE-2019-5311 (An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.p ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/732dcbe3ff79e11a2081c4f7ab55420840cc733a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/732dcbe3ff79e11a2081c4f7ab55420840cc733a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230428/77614775/attachment.htm>
More information about the debian-security-tracker-commits
mailing list