[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 11 09:24:30 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d25a621b by Salvatore Bonaccorso at 2022-04-11T10:24:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2864,13 +2864,13 @@ CVE-2022-27963 (Xftp 7.0.0088p and below contains a binary hijack vulnerability
 CVE-2022-27962
 	RESERVED
 CVE-2022-27961 (A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in O ...)
-	TODO: check
+	NOT-FOR-US: OFCMS
 CVE-2022-27960 (Insecure permissions configured in the user_id parameter at SysUserCon ...)
-	TODO: check
+	NOT-FOR-US: OFCMS
 CVE-2022-27959
 	RESERVED
 CVE-2022-27958 (Insecure permissions configured in the userid parameter at /user/getus ...)
-	TODO: check
+	NOT-FOR-US: FEBS-Security
 CVE-2022-27957
 	RESERVED
 CVE-2022-27956
@@ -4069,9 +4069,9 @@ CVE-2022-27479
 CVE-2022-27478
 	RESERVED
 CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload  ...)
-	TODO: check
+	NOT-FOR-US: Newbee-Mall
 CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at /admin/goods/update in N ...)
-	TODO: check
+	NOT-FOR-US: Newbee-Mall
 CVE-2022-27475
 	RESERVED
 CVE-2022-27474
@@ -4433,25 +4433,25 @@ CVE-2022-27297
 CVE-2022-27296
 	RESERVED
 CVE-2022-27295 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27294 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27293 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27292 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27291 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27290 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27289 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27288 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27287 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27286 (D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-27285
 	RESERVED
 CVE-2022-27284
@@ -4463,31 +4463,31 @@ CVE-2022-27282
 CVE-2022-27281
 	RESERVED
 CVE-2022-27280 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27279 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27278
 	RESERVED
 CVE-2022-27277 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27276 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27275 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27274 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27273 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27272 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27271 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27270 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27269 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27268 (InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 ...)
-	TODO: check
+	NOT-FOR-US: InHand Networks InRouter 900 Industrial 4G Router
 CVE-2022-27267
 	RESERVED
 CVE-2022-27266



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d25a621b619959cad9d59cebf53394aa7649eea5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d25a621b619959cad9d59cebf53394aa7649eea5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220411/188e2211/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list