[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 11 09:22:55 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9080df85 by Salvatore Bonaccorso at 2022-08-11T10:22:32+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3393,7 +3393,7 @@ CVE-2022-36803
 CVE-2022-36802
 	RESERVED
 CVE-2022-36801 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2022-36800 (Affected versions of Atlassian Jira Service Management Server and Data ...)
 	NOT-FOR-US: Atlassian
 CVE-2022-36799 (This issue exists to document that a security improvement in the way t ...)
@@ -3502,7 +3502,7 @@ CVE-2022-36752 (png2webp v1.0.4 was discovered to contain an out-of-bounds write
 CVE-2022-36751
 	RESERVED
 CVE-2022-36750 (Clinic's Patient Management System v1.0 is vulnerable to SQL injection ...)
-	TODO: check
+	NOT-FOR-US: Clinic's Patient Management System
 CVE-2022-36749
 	RESERVED
 CVE-2022-36748
@@ -4483,11 +4483,11 @@ CVE-2022-36327
 CVE-2022-36326
 	RESERVED
 CVE-2022-36325 (A vulnerability has been identified in SCALANCE M-800 / S615 (All vers ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-36324 (A vulnerability has been identified in SCALANCE M-800 / S615 (All vers ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-36323 (A vulnerability has been identified in SCALANCE M-800 / S615 (All vers ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-36322 (In JetBrains TeamCity before 2022.04.2 build parameter injection was p ...)
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2022-36321 (In JetBrains TeamCity before 2022.04.2 the private SSH key could be wr ...)
@@ -4744,7 +4744,7 @@ CVE-2022-36272
 CVE-2022-36271
 	RESERVED
 CVE-2022-36270 (Clinic's Patient Management System v1.0 has arbitrary code execution v ...)
-	TODO: check
+	NOT-FOR-US: Clinic's Patient Management System
 CVE-2022-36269
 	RESERVED
 CVE-2022-36268
@@ -5990,7 +5990,7 @@ CVE-2022-35717
 CVE-2022-35716 (IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7 ...)
 	NOT-FOR-US: IBM
 CVE-2022-35715 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-35714
 	RESERVED
 CVE-2022-34861
@@ -7036,7 +7036,7 @@ CVE-2022-35282
 CVE-2022-35281
 	RESERVED
 CVE-2022-35280 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not req ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-35279
 	RESERVED
 CVE-2022-35278
@@ -10793,21 +10793,21 @@ CVE-2022-33933
 CVE-2022-33932
 	RESERVED
 CVE-2022-33931 (Dell Wyse Management Suite 3.6.1 and below contains an Improper Access ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33930 (Dell Wyse Management Suite 3.6.1 and below contains Information Disclo ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33929 (Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross- ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33928 (Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Pass ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33927 (Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33926 (Dell Wyse Management Suite 3.6.1 and below contains an improper access ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33925 (Dell Wyse Management Suite 3.6.1 and below contains an Improper Access ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33924 (Dell Wyse Management Suite 3.6.1 and below contains an Improper Access ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-33923 (Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Inj ...)
 	NOT-FOR-US: Dell
 CVE-2022-33922
@@ -24246,7 +24246,7 @@ CVE-2022-29092 (Dell SupportAssist Client Consumer versions (3.11.0 and versions
 CVE-2022-29091 (Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0. ...)
 	NOT-FOR-US: Dell
 CVE-2022-29090 (Dell Wyse Management Suite 3.6.1 and below contains a Sensitive Data E ...)
-	TODO: check
+	NOT-FOR-US: Dell Wyse Management Suite
 CVE-2022-29089
 	RESERVED
 CVE-2022-29088
@@ -24863,7 +24863,7 @@ CVE-2022-28883
 CVE-2022-28882
 	RESERVED
 CVE-2022-28881 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...)
-	TODO: check
+	NOT-FOR-US: F-Secure
 CVE-2022-28880 (A Denial-of-Service vulnerability was discovered in the F-Secure Atlan ...)
 	NOT-FOR-US: F-Secure
 CVE-2022-28879 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9080df85789487e2835182d352fd79887f1f8cc9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9080df85789487e2835182d352fd79887f1f8cc9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220811/e5d9bfce/attachment.htm>

More information about the debian-security-tracker-commits mailing list