[Git][security-tracker-team/security-tracker][master] Associate three Backdrop CMS CVEs with backdrop itp'ed entry

Tue, 22 Nov 2022 00:40:56 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3b611f9c by Salvatore Bonaccorso at 2022-11-22T09:40:15+01:00
Associate three Backdrop CMS CVEs with backdrop itp'ed entry

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12700,7 +12700,7 @@ CVE-2022-42094
 CVE-2022-42093
        RESERVED
 CVE-2022-42092 (Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability 
via 'th ...)
-       NOT-FOR-US: Backdrop CMS
+       - backdrop <itp> (bug #914257)
 CVE-2022-42091
        RESERVED
 CVE-2022-42090
@@ -32704,7 +32704,7 @@ CVE-2022-34532
 CVE-2022-34531 (DedeCMS v5.7.95 was discovered to contain a remote code 
execution (RCE ...)
        NOT-FOR-US: DedeCMS
 CVE-2022-34530 (An issue in the login and reset password functionality of 
Backdrop CMS ...)
-       NOT-FOR-US: Backdrop CMS
+       - backdrop <itp> (bug #914257)
 CVE-2022-34529 (WASM3 v0.5.0 was discovered to contain a segmentation fault 
via the co ...)
        NOT-FOR-US: WASM3
 CVE-2022-34528 (D-Link DSL-3782 v1.03 and below was discovered to contain a 
stack over ...)
@@ -72737,7 +72737,7 @@ CVE-2021-45270
 CVE-2021-45269
        RESERVED
 CVE-2021-45268 (** DISPUTED ** A Cross Site Request Forgery (CSRF) 
vulnerability exist ...)
-       NOT-FOR-US: Backdrop CMS
+       - backdrop <itp> (bug #914257)
 CVE-2021-45267 (An invalid memory address dereference vulnerability exists in 
gpac 1.1 ...)
        - gpac 2.0.0+dfsg1-2
        [buster] - gpac <end-of-life> (EOL in buster LTS)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b611f9c6a928ad79d1bab846c128ffa9ce215f9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b611f9c6a928ad79d1bab846c128ffa9ce215f9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to