Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits: 83a81e98 by Neil Williams at 2022-08-05T10:29:24+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3756,9 +3756,9 @@ CVE-2022-35932 CVE-2022-35931 RESERVED CVE-2022-35930 (PolicyController is a utility used to enforce supply chain policy in K ...) - TODO: check + NOT-FOR-US: sigstore/policy-controller CVE-2022-35929 (cosign is a container signing and verification utility. In versions pr ...) - TODO: check + NOT-FOR-US: Cosign CVE-2022-35928 (AES Crypt is a file encryption software for multiple platforms. AES Cr ...) NOT-FOR-US: AES Crypt CVE-2022-35927 (Contiki-NG is an open-source, cross-platform operating system for IoT ...) @@ -3995,7 +3995,7 @@ CVE-2022-35860 CVE-2022-35859 RESERVED CVE-2022-35858 (The TEE_PopulateTransientObject and __utee_from_attr functions in Sams ...) - TODO: check + NOT-FOR-US: Samsung mTower CVE-2022-35857 (kvf-admin through 2022-02-12 allows remote attackers to execute arbitr ...) NOT-FOR-US: kvf-admin CVE-2022-35856 @@ -5976,7 +5976,7 @@ CVE-2022-34994 CVE-2022-34993 (Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code ...) NOT-FOR-US: Totolink CVE-2022-34992 (Luadec v0.9.9 was discovered to contain a heap-buffer overflow via the ...) - TODO: check + NOT-FOR-US: viruscamp/luadec CVE-2022-34991 (Paymoney v3.3 was discovered to contain multiple reflected cross-site ...) NOT-FOR-US: Paymoney CVE-2022-34990 @@ -6020,7 +6020,7 @@ CVE-2022-34972 (So Filter Shop v3.x was discovered to contain multiple blind SQL CVE-2022-34971 (An arbitrary file upload vulnerability in the Advertising Management m ...) NOT-FOR-US: Feehi CMS CVE-2022-34970 (Crow before v1.0+4 was discovered to contain a buffer overflow via the ...) - TODO: check + NOT-FOR-US: CrowCpp CVE-2022-34969 (PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereferen ...) NOT-FOR-US: pingcap/tidb CVE-2022-34968 (An issue in the fetch_step function in Percona Server for MySQL v8.0.2 ...) @@ -16264,7 +16264,7 @@ CVE-2022-31177 (Flask-AppBuilder is an application development framework built o CVE-2022-31176 RESERVED CVE-2022-31175 (CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vu ...) - TODO: check + NOT-FOR-US: ckeditor5-{markdown-gfm,html-support,html-embed} CKEditor 5 packages CVE-2022-31174 RESERVED CVE-2022-31173 (Juniper is a GraphQL server library for Rust. Affected versions of Jun ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83a81e989f1269384e7781d719eb53f5210169eb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83a81e989f1269384e7781d719eb53f5210169eb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits