[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 9 09:24:14 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fea1a7de by Salvatore Bonaccorso at 2022-04-09T10:23:50+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5373,7 +5373,7 @@ CVE-2022-26880
CVE-2022-26879
RESERVED
CVE-2022-26877 (Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local ...)
- TODO: check
+ NOT-FOR-US: Asana Desktop
CVE-2022-26876
RESERVED
CVE-2022-26875
@@ -5415,15 +5415,15 @@ CVE-2022-26857
CVE-2022-26856
RESERVED
CVE-2022-26855 (Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect d ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2022-26854 (Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptograph ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2022-26853
RESERVED
CVE-2022-26852 (Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable see ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2022-26851 (Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name f ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2022-0924 (Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers t ...)
{DSA-5108-1}
- tiff 4.3.0-6
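Review bot: The four OneFS entries (CVE-2022-26855, CVE-2022-26854, CVE-2022-26852, CVE-2022-26851) are tagged with the vendor only, "NOT-FOR-US: Dell", while other entries in this same commit name the product ("NOT-FOR-US: Asana Desktop", "NOT-FOR-US: IceHrm"). Suggest "NOT-FOR-US: Dell PowerScale OneFS", so that a later search of data/CVE/list for the product name finds these lines and the tag does not read as a decision about everything the vendor ships.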
@@ -6106,7 +6106,7 @@ CVE-2022-26590
CVE-2022-26589
RESERVED
CVE-2022-26588 (A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attacke ...)
- TODO: check
+ NOT-FOR-US: IceHrm
CVE-2022-26587
RESERVED
CVE-2022-26586
@@ -7049,9 +7049,9 @@ CVE-2022-26253
CVE-2022-26252 (aaPanel v6.8.21 was discovered to be vulnerable to directory traversal ...)
NOT-FOR-US: aaPanel
CVE-2022-26251 (The HTTP interface of Synaman v5.1 and below was discovered to allow a ...)
- TODO: check
+ NOT-FOR-US: Synaman
CVE-2022-26250 (Synaman v5.1 and below was discovered to contain weak file permissions ...)
- TODO: check
+ NOT-FOR-US: Synaman
CVE-2022-26249 (Survey King v0.3.0 does not filter data properly when exporting excel ...)
NOT-FOR-US: Survey King
CVE-2022-26248
@@ -7192,7 +7192,7 @@ CVE-2022-26181 (Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a h
- lepton <removed>
NOTE: https://github.com/dropbox/lepton/issues/154
CVE-2022-26180 (qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/my ...)
- TODO: check
+ NOT-FOR-US: qdPM
CVE-2022-26179
RESERVED
CVE-2022-26178
@@ -8792,11 +8792,11 @@ CVE-2022-0700 (The Simple Tracking WordPress plugin before 1.7 does not sanitise
CVE-2022-0699
RESERVED
CVE-2022-25597 (ASUS RT-AC86U’s LPD service has insufficient filtering for speci ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2022-25596 (ASUS RT-AC56U’s configuration function has a heap-based buffer o ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2022-25595 (ASUS RT-AC86U has improper user request handling, which allows an unau ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2022-25594 (Microprogram’s parking lot management system is vulnerable to se ...)
TODO: check
CVE-2022-25593
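Review bot: CVE-2022-25594 (the Microprogram parking lot management system), in the trailing context of this hunk, is still at "TODO: check" although the three ASUS entries directly above it are resolved here. If that was deliberate, no change is needed; otherwise it can be triaged in the same pass so that this block of the list has no entries left waiting for a check. The ASUS tags could also name the affected models from the descriptions (RT-AC86U, RT-AC56U) rather than the vendor alone.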
@@ -9258,7 +9258,7 @@ CVE-2022-25375 (An issue was discovered in drivers/usb/gadget/function/rndis.c i
CVE-2022-25374 (HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Infor ...)
NOT-FOR-US: HashiCorp Terraform Enterprise
CVE-2022-25373 (Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2022-25372 (Pritunl Client through 1.2.3019.52 on Windows allows local privilege e ...)
NOT-FOR-US: Pritunl Client
CVE-2022-0698
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fea1a7de370c973fa84a0b81b8c0d71354a795b3