[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Apr 14 11:27:35 BST 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eef205d8 by Neil Williams at 2022-04-14T11:27:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3382,15 +3382,15 @@ CVE-2022-28038
 CVE-2022-28037
 	RESERVED
 CVE-2022-28036 (AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_nav ...)
-	TODO: check
+	NOT-FOR-US: AtomCMS
 CVE-2022-28035 (Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_bl ...)
-	TODO: check
+	NOT-FOR-US: AtomCMS
 CVE-2022-28034 (AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_lis ...)
-	TODO: check
+	NOT-FOR-US: AtomCMS
 CVE-2022-28033 (Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads ...)
-	TODO: check
+	NOT-FOR-US: AtomCMS
 CVE-2022-28032 (AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pag ...)
-	TODO: check
+	NOT-FOR-US: AtomCMS
 CVE-2022-28031
 	RESERVED
 CVE-2022-28030
@@ -5716,15 +5716,15 @@ CVE-2022-XXXX [wordpress 5.9.2]
 	[stretch] - wordpress 4.7.23+dfsg-0+deb9u1
 	NOTE: https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/
 CVE-2022-27165 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_m ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2022-27164 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_vi ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2022-27163 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_ed ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2022-27162 (CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_ ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2022-27161 (Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_ ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2022-27160
 	RESERVED
 CVE-2022-27159
@@ -14891,13 +14891,13 @@ CVE-2018-25029 (The Z-Wave specification requires that S2 security can be downgr
 CVE-2013-20003 (Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (usin ...)
 	NOT-FOR-US: Z-Wave devices
 CVE-2022-23973 (ASUS RT-AX56U’s user profile configuration function is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Asus RT-AX56U
 CVE-2022-23972 (ASUS RT-AX56U’s SQL handling function has an SQL injection vulne ...)
-	TODO: check
+	NOT-FOR-US: Asus RT-AX56U
 CVE-2022-23971 (ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulner ...)
-	TODO: check
+	NOT-FOR-US: Asus RT-AX56U
 CVE-2022-23970 (ASUS RT-AX56U’s update_json function has a path traversal vulner ...)
-	TODO: check
+	NOT-FOR-US: Asus RT-AX56U
 CVE-2022-23969
 	RESERVED
 CVE-2022-23968 (Xerox VersaLink devices on specific versions of firmware before 2022-0 ...)
@@ -16663,11 +16663,11 @@ CVE-2022-23451
 	NOTE: https://storyboard.openstack.org/#!/story/2009253
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2025089
 CVE-2022-23450 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens SIMATIC
 CVE-2022-23449 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens SIMATIC
 CVE-2022-23448 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens SIMATIC
 CVE-2022-23447
 	RESERVED
 CVE-2022-23446 (A improper control of a resource through its lifetime in Fortinet Fort ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef205d8c01fd4adadda1559e8f61a9948147764
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/f4b565e3/attachment.htm>


More information about the debian-security-tracker-commits mailing list