[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Aug 18 10:28:46 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10890ef4 by Neil Williams at 2022-08-18T10:28:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -201,6 +201,7 @@ CVE-2022-2839
 	RESERVED
 CVE-2022-2838 (In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Pars ...)
 	TODO: check
+	NOTE: https://bugs.eclipse.org/580542 (private)
 CVE-2022-2837
 	RESERVED
 	- coredns <itp> (bug #880676)
@@ -18616,7 +18617,7 @@ CVE-2022-31264 (Solana solana_rbpf before 0.2.29 has an addition integer overflo
 CVE-2022-31263 (app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail  ...)
 	- mastodon <itp> (bug #859741)
 CVE-2022-31262 (An exploitable local privilege escalation vulnerability exists in GOG  ...)
-	TODO: check
+	NOT-FOR-US: GOG Galaxy
 CVE-2022-31261 (An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x throu ...)
 	NOT-FOR-US: Morpheus
 CVE-2022-1809 (Access of Uninitialized Pointer in GitHub repository radareorg/radare2 ...)
@@ -20651,9 +20652,9 @@ CVE-2022-30578
 CVE-2022-30577
 	RESERVED
 CVE-2022-30576 (The Web Console component of TIBCO Software Inc.'s TIBCO Data Science  ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2022-30575 (The Web Console component of TIBCO Software Inc.'s TIBCO Data Science  ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2022-30574 (The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community ...)
 	NOT-FOR-US: TIBCO
 CVE-2022-30573 (The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community ...)
@@ -21639,7 +21640,7 @@ CVE-2022-30264 (The Emerson ROC and FloBoss RTU product lines through 2022-05-02
 CVE-2022-30263
 	RESERVED
 CVE-2022-30262 (The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mish ...)
-	TODO: check
+	NOT-FOR-US: Emerson
 CVE-2022-30261
 	RESERVED
 CVE-2022-30260
@@ -25986,9 +25987,9 @@ CVE-2022-28754 (Zoom On-Premise Meeting Connector MMR before version 4.8.129.202
 CVE-2022-28753 (Zoom On-Premise Meeting Connector MMR before version 4.8.129.20220714  ...)
 	NOT-FOR-US: Zoom
 CVE-2022-28752 (Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2022-28751 (The Zoom Client for Meetings for MacOS (Standard and for IT Admin) bef ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2022-28750 (Zoom On-Premise Meeting Connector Zone Controller (ZC) before version  ...)
 	NOT-FOR-US: Zoom
 CVE-2022-28749 (Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 ...)
@@ -34617,7 +34618,7 @@ CVE-2022-25801 (Best Practical RT for Incident Response (RTIR) before 4.0.3 and
 CVE-2022-25800 (Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x be ...)
 	NOT-FOR-US: Best Practical RT for Incident Response
 CVE-2022-25799 (An open redirect vulnerability exists in CERT/CC VINCE software prior  ...)
-	TODO: check
+	NOT-FOR-US: CERT/CC VINCE
 CVE-2022-25798
 	RESERVED
 CVE-2022-25797 (A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 m ...)
@@ -41600,9 +41601,9 @@ CVE-2022-23767
 CVE-2022-23766
 	RESERVED
 CVE-2022-23765 (This vulnerability occured by sending a malicious POST request to a sp ...)
-	TODO: check
+	NOT-FOR-US: ipTIME NAS product
 CVE-2022-23764 (The vulnerability causing from insufficient verification procedures fo ...)
-	TODO: check
+	NOT-FOR-US: WebCube for Windows
 CVE-2022-23763 (Origin validation error vulnerability in NeoRS’s ActiveX moudle  ...)
 	NOT-FOR-US: NeoRS for Windows
 CVE-2022-23762
@@ -41636,7 +41637,7 @@ CVE-2022-23749
 CVE-2022-23748
 	RESERVED
 CVE-2022-23747 (In Sony Xperia series 1, 5, and Pro, an out of bound memory access can ...)
-	TODO: check
+	NOT-FOR-US: Sony
 CVE-2022-23746
 	RESERVED
 CVE-2022-23745 (A potential memory corruption issue was found in Capsule Workspace And ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10890ef4341b4ac7a4c1e57a15baad572bba1478

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10890ef4341b4ac7a4c1e57a15baad572bba1478
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220818/3c0678bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list