[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Apr 29 22:23:36 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32e1475d by Salvatore Bonaccorso at 2022-04-29T23:23:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2022-29939
 CVE-2022-29938
 	RESERVED
 CVE-2022-29937 (USU Oracle Optimization before 5.17.5 allows authenticated DataCollect ...)
-	TODO: check
+	NOT-FOR-US: USU Oracle Optimization
 CVE-2022-29936 (USU Oracle Optimization before 5.17 allows authenticated quantum users ...)
-	TODO: check
+	NOT-FOR-US: USU Oracle Optimization
 CVE-2022-29935 (USU Oracle Optimization before 5.17.5 allows attackers to discover the ...)
-	TODO: check
+	NOT-FOR-US: USU Oracle Optimization
 CVE-2022-29934 (USU Oracle Optimization before 5.17.5 lacks Polkit authentication, whi ...)
-	TODO: check
+	NOT-FOR-US: USU Oracle Optimization
 CVE-2022-29933
 	RESERVED
 CVE-2022-29932
@@ -87,7 +87,7 @@ CVE-2022-1532
 CVE-2022-1531 (SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in ...)
 	TODO: check
 CVE-2022-1530 (Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehel ...)
-	TODO: check
+	NOT-FOR-US: livehelperchat
 CVE-2022-1529
 	RESERVED
 CVE-2022-1528
@@ -111,7 +111,7 @@ CVE-2022-29903 (The Private Domains extension for MediaWiki through 1.37.2 (befo
 CVE-2022-29902
 	RESERVED
 CVE-2022-1526 (A vulnerability, which was classified as problematic, was found in Eml ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2022-29901
 	RESERVED
 CVE-2022-29900
@@ -247,7 +247,7 @@ CVE-2022-29858
 CVE-2022-29857
 	RESERVED
 CVE-2022-29856 (A hardcoded cryptographic key in Automation360 22 allows an attacker t ...)
-	TODO: check
+	NOT-FOR-US: Automation360
 CVE-2022-29855
 	RESERVED
 CVE-2022-29854
@@ -1324,9 +1324,9 @@ CVE-2022-1405
 CVE-2022-1404
 	RESERVED
 CVE-2022-1403 (ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input  ...)
-	TODO: check
+	NOT-FOR-US: ASDA-Soft
 CVE-2022-1402 (ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input  ...)
-	TODO: check
+	NOT-FOR-US: ASDA-Soft
 CVE-2022-1401
 	RESERVED
 CVE-2022-1400
@@ -1485,7 +1485,7 @@ CVE-2022-29453
 CVE-2022-29452
 	RESERVED
 CVE-2022-29451 (Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-29450
 	RESERVED
 CVE-2022-29449
@@ -1559,7 +1559,7 @@ CVE-2022-29416
 CVE-2022-29415 (Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-29414 (Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-29413 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-29412 (Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit & ...)
@@ -3986,7 +3986,7 @@ CVE-2022-28482
 CVE-2022-28481
 	RESERVED
 CVE-2022-28480 (ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.ex ...)
-	TODO: check
+	NOT-FOR-US: ALLMediaServer
 CVE-2022-28479
 	RESERVED
 CVE-2022-28478
@@ -4042,7 +4042,7 @@ CVE-2022-28454 (Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).
 CVE-2022-28453
 	RESERVED
 CVE-2022-28452 (Red Planet Laundry Management System 1.0 is vulnerable to SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: Red Planet Laundry Management System
 CVE-2022-28451
 	RESERVED
 CVE-2022-28450 (nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32e1475debc958576337b2dc29539c6f5e72306d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32e1475debc958576337b2dc29539c6f5e72306d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220429/65e0d801/attachment-0001.htm>
