[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 31 21:25:05 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7cd3078c by Salvatore Bonaccorso at 2022-08-31T22:24:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -635,7 +635,7 @@ CVE-2022-38814
 CVE-2022-38813
 	RESERVED
 CVE-2022-38812 (AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter. ...)
-	TODO: check
+	NOT-FOR-US: AeroCMS
 CVE-2022-38811
 	RESERVED
 CVE-2022-38810
@@ -2037,7 +2037,7 @@ CVE-2022-2867 (libtiff's tiffcrop utility has a uint32_t underflow that can lead
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/351
 	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/07d79fcac2ead271b60e32aeb80f7b4f3be9ac8c (v4.4.0rc1)
 CVE-2022-2866 (FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of- ...)
-	TODO: check
+	NOT-FOR-US: FATEK FvDesigner
 CVE-2022-2865
 	RESERVED
 	[experimental] - gitlab 15.2.3+ds1-1
@@ -2855,9 +2855,9 @@ CVE-2022-36351
 CVE-2022-33893
 	RESERVED
 CVE-2022-2759 (Delta Electronics Delta Robot Automation Studio (DRAS) versions prior  ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-2758 (All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs  ...)
-	TODO: check
+	NOT-FOR-US: LS Industrial Systems (LSIS) Co. Ltd
 CVE-2022-2757
 	RESERVED
 CVE-2022-2756 (Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavi ...)
@@ -5193,7 +5193,7 @@ CVE-2022-37186
 CVE-2022-37185
 	RESERVED
 CVE-2022-37184 (The application manage_website.php on Garage Management System 1.0 is  ...)
-	TODO: check
+	NOT-FOR-US: Garage Management System
 CVE-2022-37183 (Piwigo 12.3.0 is vulnerable to Cross Site Scripting (XSS) via /search/ ...)
 	- piwigo <removed>
 CVE-2022-37182
@@ -5317,7 +5317,7 @@ CVE-2022-37124
 CVE-2022-37123
 	RESERVED
 CVE-2022-37122 (Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, App ...)
-	TODO: check
+	NOT-FOR-US: Carel pCOWeb HVAC BACnet Gateway
 CVE-2022-37121
 	RESERVED
 CVE-2022-37120
@@ -7391,7 +7391,7 @@ CVE-2022-33949
 CVE-2022-32575
 	RESERVED
 CVE-2022-2485 (Any attempt (good or bad) to log into AutomationDirect Stride Field I/ ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2022-2484
 	RESERVED
 CVE-2022-2483



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cd3078cb13770a97d4a2658db7593f9db3692bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cd3078cb13770a97d4a2658db7593f9db3692bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220831/0105f61f/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list