[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Aug 23 10:13:16 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea02ce8d by Salvatore Bonaccorso at 2022-08-23T11:12:50+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,9 +61,9 @@ CVE-2022-38670
 CVE-2022-38669
 	RESERVED
 CVE-2022-38668 (HTTP applications (servers) based on Crow through 1.0+4 may reveal pot ...)
-	TODO: check
+	NOT-FOR-US: CrowCpp
 CVE-2022-38667 (HTTP applications (servers) based on Crow through 1.0+4 may allow a Us ...)
-	TODO: check
+	NOT-FOR-US: CrowCpp
 CVE-2022-2953
 	RESERVED
 CVE-2022-2952
@@ -716,7 +716,7 @@ CVE-2022-36420
 CVE-2022-36419
 	RESERVED
 CVE-2022-34652 (A sql injection vulnerability exists in the ObjectYPT functionality of ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2022-33310
 	RESERVED
 CVE-2022-2899
@@ -981,7 +981,7 @@ CVE-2022-2844 (A vulnerability classified as problematic has been found in MotoP
 CVE-2022-2843 (A vulnerability was found in MotoPress Timetable and Event Schedule. I ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2842 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Gym Management System
 CVE-2022-2841 (A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.1561 ...)
 	NOT-FOR-US: CrowdStrike Falcon
 CVE-2022-2840
@@ -1030,7 +1030,7 @@ CVE-2022-38364
 CVE-2022-38363
 	RESERVED
 CVE-2022-2829 (Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecomp ...)
-	TODO: check
+	NOT-FOR-US: yetiforcecrm
 CVE-2022-2828
 	RESERVED
 CVE-2022-2827
@@ -2270,7 +2270,7 @@ CVE-2022-37865
 CVE-2022-37864
 	RESERVED
 CVE-2022-35733 (Missing authentication for critical function vulnerability in UNIMO Te ...)
-	TODO: check
+	NOT-FOR-US:  Technology digital video recorders firmware
 CVE-2022-2719 (In ImageMagick, a crafted file could trigger an assertion failure when ...)
 	- imagemagick <not-affected> (Specific to IM7)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2116537
@@ -4394,7 +4394,7 @@ CVE-2020-36564
 CVE-2020-36563
 	RESERVED
 CVE-2019-25075 (HTML injection combined with path traversal in the Email service in Gr ...)
-	TODO: check
+	NOT-FOR-US: Gravitee API Management
 CVE-2019-25074
 	RESERVED
 CVE-2019-25073
@@ -8927,7 +8927,7 @@ CVE-2022-35193
 CVE-2022-35192
 	RESERVED
 CVE-2022-35191 (D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmw ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-35190
 	RESERVED
 CVE-2022-35189
@@ -9490,7 +9490,7 @@ CVE-2022-34921
 CVE-2022-34920
 	RESERVED
 CVE-2022-34919 (The file upload wizard in Zengenti Contensis Classic before 15.2.1.79  ...)
-	TODO: check
+	NOT-FOR-US: Zengenti Contensis Classic
 CVE-2022-34918 (An issue was discovered in the Linux kernel through 5.18.9. A type con ...)
 	{DSA-5191-1}
 	- linux 5.18.14-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea02ce8d7b5e41b7e67df0ed540dd6b6bf13d9ca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea02ce8d7b5e41b7e67df0ed540dd6b6bf13d9ca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220823/a025f71b/attachment.htm>
