[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a48e5a35 by Salvatore Bonaccorso at 2022-08-16T10:43:59+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5105,19 +5105,19 @@ CVE-2021-46828 (In libtirpc before 1.3.3rc1, remote attackers could exhaust the
 	NOTE: Fixed by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed (libtirpc-1-3-3-rc1)
 	NOTE: Introduced by: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=b2c9430f46c4ac848957fb8adaac176a3f6ac03f (libtirpc-0-3-3-rc3)
 CVE-2022-36312 (Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF pro ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500 software
 CVE-2022-36311 (Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vu ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500 software
 CVE-2022-36310 (Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had N ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500 software
 CVE-2022-36309 (Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500 software
 CVE-2022-36308 (Airspan AirVelocity 1500 web management UI displays SNMP credentials i ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500
 CVE-2022-36307 (The AirVelocity 1500 prints SNMP credentials on its physically accessi ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500
 CVE-2022-36306 (An authenticated attacker can enumerate and download sensitive files,  ...)
-	TODO: check
+	NOT-FOR-US: Airspan AirVelocity 1500
 CVE-2022-36294
 	RESERVED
 CVE-2022-36290
@@ -6328,7 +6328,7 @@ CVE-2022-35824 (Azure Site Recovery Remote Code Execution Vulnerability. This CV
 CVE-2022-35823
 	RESERVED
 CVE-2022-35822 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-35821 (Azure Sphere Information Disclosure Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-35820 (Windows Bluetooth Driver Elevation of Privilege Vulnerability. ...)
@@ -9118,7 +9118,7 @@ CVE-2022-34713 (Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Exe
 CVE-2022-34712 (Windows Defender Credential Guard Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-34711 (Windows Defender Credential Guard Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-34710 (Windows Defender Credential Guard Information Disclosure Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-34709 (Windows Defender Credential Guard Security Feature Bypass Vulnerabilit ...)
@@ -25696,7 +25696,7 @@ CVE-2022-28758
 CVE-2022-28757
 	RESERVED
 CVE-2022-28756 (The Zoom Client for Meetings for macOS (Standard and for IT Admin) sta ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2022-28755 (The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Wind ...)
 	NOT-FOR-US: Zoom
 CVE-2022-28754 (Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48e5a35a62e9db3a03d996a1b541cd56d848a07
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220816/dff4a9d7/attachment.htm>