[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53345ef4 by Neil Williams at 2022-08-03T11:12:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15961,17 +15961,17 @@ CVE-2022-31190 (DSpace open source software is a repository application which pr
 CVE-2022-31189 (DSpace open source software is a repository application which provides ...)
 	NOT-FOR-US: DSpace
 CVE-2022-31188 (CVAT is an opensource interactive video and image annotation tool for  ...)
-	TODO: check
+	NOT-FOR-US: cvat-ai/cvat
 CVE-2022-31187
 	RESERVED
 CVE-2022-31186 (NextAuth.js is a complete open source authentication solution for Next ...)
 	NOT-FOR-US: NextAuth.js
 CVE-2022-31185 (mprweb is a hosting platform for the makedeb Package Repository. Email ...)
-	TODO: check
+	NOT-FOR-US: makedeb/mprweb
 CVE-2022-31184 (Discourse is the an open source discussion platform. In affected versi ...)
 	NOT-FOR-US: Discourse
 CVE-2022-31183 (fs2 is a compositional, streaming I/O library for Scala. When establis ...)
-	TODO: check
+	NOT-FOR-US: typelevel/fs2
 CVE-2022-31182 (Discourse is the an open source discussion platform. In affected versi ...)
 	NOT-FOR-US: Discourse
 CVE-2022-31181 (PrestaShop is an Open Source e-commerce platform. In versions from 1.6 ...)
@@ -15992,7 +15992,7 @@ CVE-2022-31175
 CVE-2022-31174
 	RESERVED
 CVE-2022-31173 (Juniper is a GraphQL server library for Rust. Affected versions of Jun ...)
-	TODO: check
+	NOT-FOR-US: graphql-rust/juniper
 CVE-2022-31172 (OpenZeppelin Contracts is a library for smart contract development. Ve ...)
 	NOT-FOR-US: OpenZeppelin Contracts
 CVE-2022-31171
@@ -17805,9 +17805,9 @@ CVE-2022-30574
 CVE-2022-30573
 	RESERVED
 CVE-2022-30572 (The iWay Service Manager Console component of TIBCO Software Inc.'s TI ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2022-30571 (The iWay Service Manager Console component of TIBCO Software Inc.'s TI ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2022-30570 (The Column Based Security component of TIBCO Software Inc.'s TIBCO Dat ...)
 	NOT-FOR-US: TIBCO
 CVE-2022-30569
@@ -18731,7 +18731,7 @@ CVE-2022-30287 (Horde Groupware Webmail Edition through 5.2.22 allows a reflecti
 CVE-2022-30286 (pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04  ...)
 	NOT-FOR-US: pyscriptjs
 CVE-2022-30285 (In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash  ...)
-	TODO: check
+	NOT-FOR-US: Quest KACE System Management Appliance
 CVE-2022-30284 (** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, ...)
 	NOTE: Bogus python-libnmap issue
 CVE-2022-30283
@@ -20238,7 +20238,7 @@ CVE-2022-1469 (The FiboSearch WordPress plugin before 1.17.0 does not sanitise a
 CVE-2022-29808 (In Quest KACE Systems Management Appliance (SMA) through 12.0, predict ...)
 	TODO: check
 CVE-2022-29807 (A SQL injection vulnerability exists within Quest KACE Systems Managem ...)
-	TODO: check
+	NOT-FOR-US: Quest KACE System Management Appliance
 CVE-2022-29806 (ZoneMinder before 1.36.13 allows remote code execution via an invalid  ...)
 	- zoneminder 1.36.13+dfsg1-1 (unimportant)
 	NOTE: https://forums.zoneminder.com/viewtopic.php?t=31638



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53345ef4ced203289797969a134533d440629a7c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53345ef4ced203289797969a134533d440629a7c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220803/792d83a6/attachment-0001.htm>