[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Aug 4 21:26:18 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03ba3f66 by Salvatore Bonaccorso at 2022-08-04T22:25:50+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2022-2658
 CVE-2022-2657
 	RESERVED
 CVE-2022-2656 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Multi Language Hotel Management Software
 CVE-2022-2655
 	RESERVED
 CVE-2022-2654
@@ -23,13 +23,13 @@ CVE-2022-2653 (With this vulnerability an attacker can read many sensitive files
 CVE-2022-2652 (Depending on the way the format strings in the card label are crafted  ...)
 	TODO: check
 CVE-2022-2651 (Authentication Bypass by Primary Weakness in GitHub repository bookwyr ...)
-	TODO: check
+	NOT-FOR-US: BookWyrm
 CVE-2022-2650
 	RESERVED
 CVE-2022-2649
 	RESERVED
 CVE-2022-2648 (A vulnerability was found in SourceCodester Multi Language Hotel Manag ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Multi Language Hotel Management Software
 CVE-2022-2647 (A vulnerability was found in jeecg-boot. It has been declared as criti ...)
 	TODO: check
 CVE-2022-37397
@@ -55,13 +55,13 @@ CVE-2022-34152
 CVE-2022-32766
 	RESERVED
 CVE-2022-2646 (A vulnerability, which was classified as problematic, was found in Sou ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Admission System
 CVE-2022-2645 (A vulnerability has been found in SourceCodester Garage Management Sys ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Garage Management System
 CVE-2022-2644 (A vulnerability was found in SourceCodester Online Admission System an ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Admission System
 CVE-2022-2643 (A vulnerability has been found in SourceCodester Online Admission Syst ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Admission System
 CVE-2022-2642
 	RESERVED
 CVE-2022-2641
@@ -5381,7 +5381,7 @@ CVE-2022-35218 (The NHI card’s web service component has a heap-based buff
 CVE-2022-35217 (The NHI card’s web service component has a stack-based buffer ov ...)
 	NOT-FOR-US: NHI card
 CVE-2022-35216 (OMICARD EDM’s mail image relay function has a path traversal vul ...)
-	TODO: check
+	NOT-FOR-US: OMICARD EDM
 CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access]
 	RESERVED
 	{DLA-3068-1}
@@ -11189,11 +11189,11 @@ CVE-2022-32967
 CVE-2022-32966
 	RESERVED
 CVE-2022-32965 (OMICARD EDM has a hard-coded machine key. An unauthenticated remote at ...)
-	TODO: check
+	NOT-FOR-US: OMICARD EDM
 CVE-2022-32964 (OMICARD EDM’s API function has insufficient validation for user  ...)
-	TODO: check
+	NOT-FOR-US: OMICARD EDM
 CVE-2022-32963 (OMICARD EDM’s mail file relay function has a path traversal vuln ...)
-	TODO: check
+	NOT-FOR-US: OMICARD EDM
 CVE-2022-32962 (HiCOS’ client-side citizen certificate component has a double fr ...)
 	NOT-FOR-US: HICOS
 CVE-2022-32961 (HICOS’ client-side citizen digital certificate component has a s ...)
@@ -16260,7 +16260,7 @@ CVE-2022-31134 (Zulip is an open-source team collaboration tool. Zulip Server ve
 CVE-2022-31133 (HumHub is an Open Source Enterprise Social Network. Affected versions  ...)
 	NOT-FOR-US: HumHub
 CVE-2022-31132 (Nextcloud Mail is an email application for the nextcloud personal clou ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Mail
 CVE-2022-31131 (Nextcloud mail is a Mail app for the Nextcloud home server product. Ve ...)
 	NOT-FOR-US: Nextcloud Mail app
 CVE-2022-31130
@@ -16291,7 +16291,7 @@ CVE-2022-31121 (Hyperledger Fabric is a permissioned distributed ledger framewor
 CVE-2022-31120 (Nextcloud server is an open source personal cloud solution. The audit  ...)
 	TODO: check
 CVE-2022-31119 (Nextcloud Mail is an email application for the nextcloud personal clou ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Mail
 CVE-2022-31118 (Nextcloud server is an open source personal cloud solution. In affecte ...)
 	TODO: check
 CVE-2022-31117 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03ba3f66d15a805e3010e380967d3e64d54a6ba3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03ba3f66d15a805e3010e380967d3e64d54a6ba3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220804/2b06026d/attachment.htm>
