Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits: 44d5ee5e by Neil Williams at 2022-07-05T09:49:41+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -25721,7 +25721,7 @@ CVE-2022-25878 (The package protobufjs before 6.11.3 are vulnerable to Prototype CVE-2022-25877 RESERVED CVE-2022-25876 (The package link-preview-js before 2.1.16 are vulnerable to Server-sid ...) - TODO: check + NOT-FOR-US: Node link-preview-js CVE-2022-25875 RESERVED CVE-2022-25874 @@ -25805,7 +25805,7 @@ CVE-2022-25760 (All versions of package accesslog are vulnerable to Arbitrary Co CVE-2022-25759 RESERVED CVE-2022-25758 (All versions of package scss-tokenizer are vulnerable to Regular Expre ...) - TODO: check + - node-scss-tokenizer <itp> (bug #885456) CVE-2022-25648 (The package git before 1.11.0 are vulnerable to Command Injection via ...) - ruby-git <unfixed> (bug #1009926) NOTE: https://github.com/ruby-git/ruby-git/pull/569 @@ -33065,7 +33065,7 @@ CVE-2022-23765 CVE-2022-23764 RESERVED CVE-2022-23763 (Origin validation error vulnerability in NeoRS’s ActiveX moudle ...) - TODO: check + NOT-FOR-US: NeoRS for Windows CVE-2022-23762 RESERVED CVE-2022-23761 @@ -33141,7 +33141,7 @@ CVE-2022-23727 (There is a privilege escalation vulnerability in some webOS TVs. CVE-2022-23726 RESERVED CVE-2022-23725 (PingID Windows Login prior to 2.8 does not properly set permissions on ...) - TODO: check + NOT-FOR-US: pingidentity CVE-2022-23724 (Use of static encryption key material allows forging an authentication ...) NOT-FOR-US: pingidentity CVE-2022-23723 (An MFA bypass vulnerability exists in the PingFederate PingOne MFA Int ...) @@ -54274,7 +54274,7 @@ CVE-2021-41997 CVE-2021-41996 RESERVED CVE-2021-41995 (A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerab ...) - TODO: check + NOT-FOR-US: pingidentity CVE-2021-41994 (A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerabl ...) NOT-FOR-US: pingidentity CVE-2021-41993 (A misconfiguration of RSA in PingID Android app prior to 1.19 is vulne ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44d5ee5e89f96291d24b5587a3a3b0f9b02ac42c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44d5ee5e89f96291d24b5587a3a3b0f9b02ac42c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits