[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Dec 6 17:03:11 GMT 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8967d04a by Moritz Muehlenhoff at 2022-12-06T18:02:34+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -517,7 +517,7 @@ CVE-2022-4282 (A vulnerability was found in SpringBootCMS and classified as crit
 CVE-2022-46421
 	RESERVED
 CVE-2022-4281 (A vulnerability has been found in Facepay 1.0 and classified as critic ...)
-	TODO: check
+	NOT-FOR-US: Facepay
 CVE-2022-46288
 	RESERVED
 CVE-2022-46287
@@ -1513,7 +1513,7 @@ CVE-2022-46169 (Cacti is an open source platform which provides a robust and ext
 CVE-2022-46168
 	RESERVED
 CVE-2022-46167 (Capsule is a multi-tenancy and policy-based framework for Kubernetes.  ...)
-	TODO: check
+	NOT-FOR-US: Capsule
 CVE-2022-46166
 	RESERVED
 CVE-2022-46165
@@ -1545,7 +1545,7 @@ CVE-2022-46153
 CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE project, ...)
 	NOT-FOR-US: OP-TEE
 CVE-2022-46151 (Querybook is an open source data querying UI. In affected versions use ...)
-	TODO: check
+	NOT-FOR-US: Querybook
 CVE-2022-46150 (Discourse is an open-source discussion platform. Prior to version 2.8. ...)
 	NOT-FOR-US: Discourse
 CVE-2022-46149 (Cap'n Proto is a data interchange format and remote procedure call (RP ...)
@@ -2526,11 +2526,11 @@ CVE-2022-45773
 CVE-2022-45772
 	RESERVED
 CVE-2022-45771 (An issue in the /api/audits component of Pwndoc v0.5.3 allows attacker ...)
-	TODO: check
+	NOT-FOR-US: Pwndoc
 CVE-2022-45770
 	RESERVED
 CVE-2022-45769 (A cross-site scripting (XSS) vulnerability in ClicShopping_V3 v3.402 a ...)
-	TODO: check
+	NOT-FOR-US: ClicShopping_V3
 CVE-2022-45768
 	RESERVED
 CVE-2022-45767
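Review bot: style point on CVE-2022-45769: the tag reuses the underscore form "ClicShopping_V3" verbatim from the description, which also carries a separate version (v3.402). If the product is normally referred to as ClicShopping, using that plain name in the NOT-FOR-US line would keep later entries for the same software greppable under one spelling.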
@@ -3204,15 +3204,15 @@ CVE-2022-45483 (Lazy Mouse allows an attacker (in a man in the middle position b
 CVE-2022-45482 (Lazy Mouse server enforces weak password requirements and doesn't impl ...)
 	NOT-FOR-US: Lazy Mouse
 CVE-2022-45481 (The default configuration of Lazy Mouse does not require a password, a ...)
-	TODO: check
+	NOT-FOR-US: Lazy Mouse
 CVE-2022-45480 (PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-m ...)
-	TODO: check
+	NOT-FOR-US: Telepad
 CVE-2022-45479 (PC Keyboard allows remote unauthenticated users to send instructions t ...)
-	TODO: check
+	NOT-FOR-US: Telepad
 CVE-2022-45478 (Telepad allows an attacker (in a man-in-the-middle position between th ...)
-	TODO: check
+	NOT-FOR-US: Telepad
 CVE-2022-45477 (Telepad allows remote unauthenticated users to send instructions to th ...)
-	TODO: check
+	NOT-FOR-US: Telepad
 CVE-2022-45476 (Tiny File Manager version 2.4.8 executes the code of files uploaded by ...)
 	NOT-FOR-US: Tiny File Manager
 CVE-2022-45475 (Tiny File Manager version 2.4.8 allows an unauthenticated remote attac ...)
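Review bot: CVE-2022-45480 and CVE-2022-45479 are tagged "NOT-FOR-US: Telepad", but their descriptions name "PC Keyboard WiFi & Bluetooth" and "PC Keyboard"; only CVE-2022-45478 and CVE-2022-45477 mention Telepad. If this is a copy-paste slip from the two lines below, "NOT-FOR-US: PC Keyboard" would match the descriptions and keep a later search by product name accurate. If the two products are in fact the same software, nothing in the visible lines shows it, so a NOTE line saying so would help the next person triaging.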
@@ -4921,7 +4921,7 @@ CVE-2022-45021
 CVE-2022-45020 (Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site sc ...)
 	NOT-FOR-US: Rukovoditel
 CVE-2022-45019 (SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulner ...)
-	TODO: check
+	NOT-FOR-US: SLiMS 9 Bulian
 CVE-2022-45018
 	RESERVED
 CVE-2022-45017 (A cross-site scripting (XSS) vulnerability in the Overview Page settin ...)
@@ -5596,7 +5596,7 @@ CVE-2022-44723
 CVE-2022-44722
 	RESERVED
 CVE-2022-44721 (CrowdStrike Falcon 6.44.15806 allows an administrative attacker to uni ...)
-	TODO: check
+	NOT-FOR-US: CrowdStrike Falcon
 CVE-2022-44720
 	RESERVED
 CVE-2022-44719
@@ -7865,7 +7865,7 @@ CVE-2022-44264
 CVE-2022-44263
 	RESERVED
 CVE-2022-44262 (ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE). ...)
-	TODO: check
+	NOT-FOR-US: ff4j
 CVE-2022-44261
 	RESERVED
 CVE-2022-44260 (TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication b ...)
@@ -8311,7 +8311,7 @@ CVE-2022-44041
 CVE-2022-44040
 	RESERVED
 CVE-2022-44039 (Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File s ...)
-	TODO: check
+	NOT-FOR-US: Franklin Fueling System FFS Colibri
 CVE-2022-44038 (Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remo ...)
 	NOT-FOR-US: Russound XSourcePlayer 777D
 CVE-2022-44037 (An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) ...)
@@ -8377,7 +8377,7 @@ CVE-2022-44011
 CVE-2022-44010
 	RESERVED
 CVE-2022-44009 (Improper access control in Key-Value RBAC in StackStorm version 3.7.0  ...)
-	TODO: check
+	NOT-FOR-US: StackStorm
 CVE-2022-44008 (An issue was discovered in BACKCLICK Professional 5.9.63. Due to impro ...)
 	NOT-FOR-US: BACKCLICK Professional
 CVE-2022-44007 (An issue was discovered in BACKCLICK Professional 5.9.63. Due to an un ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8967d04a5e12b4026fd387ba7b269c6b18b33c15
