[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 18 10:24:09 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e580858 by Salvatore Bonaccorso at 2022-08-18T11:23:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5635,9 +5635,9 @@ CVE-2022-36218
 CVE-2022-36217
 	RESERVED
 CVE-2022-36216 (DedeCMS v5.7.94 - v5.7.97 was discovered to contain a remote code exec ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2022-36215 (DedeBIZ v6 was discovered to contain a remote code execution vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2022-36214
 	RESERVED
 CVE-2022-36213
@@ -7105,23 +7105,23 @@ CVE-2022-35608
 CVE-2022-35607
 	RESERVED
 CVE-2022-35606 (A SQL injection vulnerability in CustomerDAO.java in sazanrjb Inventor ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35605 (A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryMan ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35604 (A SQL injection vulnerability in SupplierDAO.java in sazanrjb Inventor ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35603 (A SQL injection vulnerability in CustomerDAO.java in sazanrjb Inventor ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35602 (A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryMan ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35601 (A SQL injection vulnerability in SupplierDAO.java in sazanrjb Inventor ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35600
 	RESERVED
 CVE-2022-35599 (A SQL injection vulnerability in Stocks.java in sazanrjb InventoryMana ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35598 (A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb ...)
-	TODO: check
+	NOT-FOR-US: sazanrjb InventoryManagementSystem
 CVE-2022-35597
 	RESERVED
 CVE-2022-35596
@@ -7285,7 +7285,7 @@ CVE-2022-35518 (WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has
 CVE-2022-35517 (WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no fi ...)
 	NOT-FOR-US: WAVLINK
 CVE-2022-35516 (DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code exec ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2022-35515
 	RESERVED
 CVE-2022-35514
@@ -7451,7 +7451,7 @@ CVE-2022-35435
 CVE-2022-35434 (jpeg-quantsmooth before commit 8879454 contained a floating point exce ...)
 	TODO: check
 CVE-2022-35433 (ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered  ...)
-	TODO: check
+	NOT-FOR-US: ffjpeg
 CVE-2022-35432
 	RESERVED
 CVE-2022-35431
@@ -8150,7 +8150,7 @@ CVE-2022-35167
 CVE-2022-35166 (libjpeg commit 842c7ba was discovered to contain an infinite loop via  ...)
 	TODO: check
 CVE-2022-35165 (An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows at ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-35164 (LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a ...)
 	TODO: check
 CVE-2022-35163 (Complete Online Job Search System v1.0 was discovered to contain a cro ...)
@@ -8184,9 +8184,9 @@ CVE-2022-35150
 CVE-2022-35149
 	RESERVED
 CVE-2022-35148 (maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain  ...)
-	TODO: check
+	NOT-FOR-US: maccms10
 CVE-2022-35147 (DoraCMS v2.18 and earlier allows attackers to bypass login authenticat ...)
-	TODO: check
+	NOT-FOR-US: DoraCMS
 CVE-2022-35146
 	RESERVED
 CVE-2022-35145



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e5808586e5e7ae48616b8307e6a9f5c7f6ba4f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e5808586e5e7ae48616b8307e6a9f5c7f6ba4f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220818/72c081cf/attachment.htm>

More information about the debian-security-tracker-commits mailing list