Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
68801279 by Salvatore Bonaccorso at 2022-04-13T09:13:41+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2348,13 +2348,13 @@ CVE-2022-28218
CVE-2022-28217
RESERVED
CVE-2022-28216 (SAP BusinessObjects Business Intelligence Platform (BI
Workspace) - ve ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-28215 (SAP NetWeaver ABAP Server and ABAP Platform - versions 740,
750, 787, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-28214
RESERVED
CVE-2022-28213 (When a user access SOAP Web services in SAP BusinessObjects
Business I ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-28212
RESERVED
CVE-2022-28211
@@ -3843,13 +3843,13 @@ CVE-2022-27672
CVE-2022-27671 (A CSRF token visible in the URL may possibly lead to
information discl ...)
TODO: check
CVE-2022-27670 (SAP SQL Anywhere - version 17.0, allows an authenticated
attacker to p ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-27669 (An unauthenticated user can use functions of XML Data
Archiving Servic ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-27668
RESERVED
CVE-2022-27667 (Under certain conditions, SAP BusinessObjects Business
Intelligence pl ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-1059
RESERVED
CVE-2022-1058 (Open Redirect on login in GitHub repository go-gitea/gitea
prior to 1. ...)
@@ -3871,13 +3871,13 @@ CVE-2022-27663
CVE-2022-27658 (Under certain conditions, SAP Innovation management - version
2.0, all ...)
NOT-FOR-US: SAP
CVE-2022-27657 (A highly privileged remote attacker, can gain unauthorized
access to d ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-27656
RESERVED
CVE-2022-27655 (When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d)
receive ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-27654 (When a user opens a manipulated Photoshop Document (.psd,
2d.x3d) rece ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26518
RESERVED
CVE-2022-26422
@@ -8113,15 +8113,15 @@ CVE-2022-26110 (An issue was discovered in HTCondor
8.8.x before 8.8.16, 9.0.x b
NOTE:
https://github.com/htcondor/htcondor/commit/1cae7601d796725e7f5dd73fedf37f6fbbe379ca
(V8_8_16)
NOTE:
https://github.com/htcondor/htcondor/commit/8568e8ba65c9490f30a1089b6d4f8910e4bfbd6b
(V8_8_16)
CVE-2022-26109 (When a user opens a manipulated Portable Document Format
(.pdf, PDFVie ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26108 (When a user opens a manipulated Picture Exchange (.pcx,
2d.x3d) receiv ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26107 (When a user opens a manipulated Jupiter Tesselation (.jt,
JTReader.x3d ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26106 (When a user opens a manipulated Computer Graphics Metafile
(.cgm, CgmC ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26105 (SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20,
7.30, 7.3 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-26104 (SAP Financial Consolidation - version 10.1, does not perform
necessary ...)
NOT-FOR-US: SAP
CVE-2022-26103 (Under certain conditions, SAP NetWeaver (Real Time Messaging
Framework ...)
@@ -12658,7 +12658,7 @@ CVE-2022-24414
CVE-2022-24413 (Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a
time-of-check-t ...)
TODO: check
CVE-2022-24412 (Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper
handling ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2022-24411 (Dell PowerScale OneFS 8.2.2 and above contain an elevation of
privileg ...)
TODO: check
CVE-2022-24410
@@ -19191,11 +19191,11 @@ CVE-2022-0144 (shelljs is vulnerable to Improper
Privilege Management ...)
CVE-2022-0143
RESERVED
CVE-2022-0142 (The Visual Form Builder WordPress plugin before 3.0.6 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0141 (The Visual Form Builder WordPress plugin before 3.0.8 does not
enforce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-0140 (The Visual Form Builder WordPress plugin before 3.0.6 does not
perform ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-46150 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x
before 1.36 ...)
NOT-FOR-US: MediaWiki extension CheckUser
CVE-2021-46149 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x
before 1.36 ...)
@@ -19669,7 +19669,7 @@ CVE-2022-22562 (Dell PowerScale OneFS, versions
8.2.0-9.3.0, contain a improper
CVE-2022-22561 (Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an
improper res ...)
TODO: check
CVE-2022-22560 (Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded
credentials ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2022-22559 (Dell PowerScale OneFS, version 9.3.0, contains a use of a
broken or ri ...)
TODO: check
CVE-2022-22558
@@ -19707,7 +19707,7 @@ CVE-2022-22543 (SAP NetWeaver Application Server for
ABAP (Kernel) and ABAP Plat
CVE-2022-22542 (S/4HANA Supplier Factsheet exposes the private address and
bank detail ...)
NOT-FOR-US: SAP
CVE-2022-22541 (SAP BusinessObjects Business Intelligence Platform - versions
420, 430 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-22540 (SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701,
702, 731 ...)
NOT-FOR-US: SAP
CVE-2022-22539 (When a user opens a manipulated JPEG file format (.jpg,
2d.x3d) receiv ...)
@@ -48914,7 +48914,7 @@ CVE-2021-36916 (The SQL injection vulnerability in the
Hide My WP WordPress plug
CVE-2021-36915
RESERVED
CVE-2021-36914 (Cross-Site Request Forgery (CSRF) vulnerability leading to
Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36913
RESERVED
CVE-2021-36912
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/688012790aefb952418e44decb39bb8e8df996dd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/688012790aefb952418e44decb39bb8e8df996dd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
