[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sun Aug 21 21:41:09 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed9f09d1 by Salvatore Bonaccorso at 2022-08-21T22:40:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20,7 +20,7 @@ CVE-2022-38486
 CVE-2022-2922
 	RESERVED
 CVE-2022-2921 (Exposure of Private Personal Information to an Unauthorized Actor in G ...)
-	TODO: check
+	NOT-FOR-US: NotrinosERP
 CVE-2022-38485
 	RESERVED
 CVE-2022-38484
@@ -292,7 +292,7 @@ CVE-2022-2887
 CVE-2022-2886 (A vulnerability, which was classified as critical, was found in Larave ...)
 	TODO: check
 CVE-2022-2885 (Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecomp ...)
-	TODO: check
+	NOT-FOR-US: yetiforcecrm
 CVE-2022-38396
 	RESERVED
 CVE-2022-38395
@@ -6433,7 +6433,7 @@ CVE-2022-36011
 CVE-2022-36010 (This library allows strings to be parsed as functions and stored as a  ...)
 	NOT-FOR-US: oxyno-zeta
 CVE-2022-36009 (gomatrixserverlib is a Go library for matrix protocol federation. Dend ...)
-	TODO: check
+	NOT-FOR-US: gomatrixserverlib
 CVE-2022-36008 (Frontier is Substrate's Ethereum compatibility layer. A security issue ...)
 	TODO: check
 CVE-2022-36007 (Venice is a Clojure inspired sandboxed Lisp dialect with excellent Jav ...)
@@ -7532,7 +7532,7 @@ CVE-2022-35556
 CVE-2022-35555 (A command injection vulnerability exists in /goform/exeCommand in Tend ...)
 	NOT-FOR-US: Tenda
 CVE-2022-35554 (Multiple reflected XSS vulnerabilities occur when handling error messa ...)
-	TODO: check
+	NOT-FOR-US: BPC SmartVista
 CVE-2022-35553
 	RESERVED
 CVE-2022-35552
@@ -22608,7 +22608,7 @@ CVE-2022-30038
 CVE-2022-30037
 	RESERVED
 CVE-2022-30036 (MA Lighting grandMA2 Light has a password of root for the root account ...)
-	TODO: check
+	NOT-FOR-US: MA Lighting grandMA2 Light
 CVE-2022-30035
 	RESERVED
 CVE-2022-30034 (Flower, a web UI for the Celery Python RPC framework, all versions as  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed9f09d18b226d3d2542c16974b2b3442436a8b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed9f09d18b226d3d2542c16974b2b3442436a8b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220821/8b68b8ff/attachment.htm>
