diff options
| author | Neil Williams <codehelp@debian.org> | 2022-02-18 14:36:26 +0000 |
|---|---|---|
| committer | Neil Williams <codehelp@debian.org> | 2022-02-18 14:36:26 +0000 |
| commit | 33d8a5f43ebaf3ecc695ff71a02618515919b0ba (patch) | |
| tree | b5e5a59bc60923af28c2941e433e5c87a5a9107f | |
| parent | ef05d889104a855300141225ce5899a4eeba53c1 (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/list.2021 | 2 | ||||
| -rw-r--r-- | data/CVE/list.2022 | 9 |
2 files changed, 6 insertions, 5 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 6381b79fff..b9ac59f095 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1028,7 +1028,7 @@ CVE-2021-46251 (A reflected cross-site scripting (XSS) in ScratchOAuth2 before c CVE-2021-46250 (An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879 ...) NOT-FOR-US: ScratchOAuth2 CVE-2021-46249 (An authorization bypass exploited by a user-controlled key in Specific ...) - TODO: check + NOT-FOR-US: ScratchOAuth2 CVE-2021-46248 RESERVED CVE-2021-46247 (The use of a hard-coded cryptographic key significantly increases the ...) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index d10f3669b2..0ca9f7d8af 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -2654,7 +2654,8 @@ CVE-2022-0474 (Full list of recipients from customer users in a contact field co NOT-FOR-US: OTRS NOTE: Only affects 8.x, so won't affect znuny fork packaged in Debian CVE-2022-0473 (OTRS administrators can configure dynamic field and inject malicious J ...) - TODO: check + NOT-FOR-US: OTRS + NOTE: Only affects 7.x, so won't affect znuny fork packaged in Debian CVE-2022-24308 RESERVED CVE-2022-24307 (Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access cont ...) @@ -4316,7 +4317,7 @@ CVE-2022-0318 (Heap-based Buffer Overflow in vim/vim prior to 8.2. ...) NOTE: https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08 NOTE: https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc (v8.2.4151) CVE-2022-0317 (An improper input validation vulnerability in go-attestation before 0. ...) - TODO: check + NOT-FOR-US: go-attestation CVE-2022-0316 RESERVED CVE-2022-0315 @@ -9904,9 +9905,9 @@ CVE-2022-21678 (Discourse is an open source discussion platform. Prior to versio CVE-2022-21677 (Discourse is an open source discussion platform. Discourse groups can ...) NOT-FOR-US: Discourse CVE-2022-21676 (Engine.IO is the implementation of transport-based cross-browser/cross ...) - TODO: check + NOT-FOR-US: Engine.IO CVE-2022-21675 (Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. Ver ...) - TODO: check + NOT-FOR-US: Bytecode Viewer CVE-2022-21674 RESERVED CVE-2022-21673 (Grafana is an open-source platform for monitoring and observability. I ...) |