[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Dec 7 11:05:52 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
56308c31 by Moritz Muehlenhoff at 2022-12-07T12:05:33+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11222,7 +11222,7 @@ CVE-2022-43708 (MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vuln
 CVE-2022-43707 (MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visu ...)
 	NOT-FOR-US: MyBB
 CVE-2022-43706 (Cross-site scripting (XSS) vulnerability in the Web UI of StackStorm v ...)
-	TODO: check
+	NOT-FOR-US: StackStorm
 CVE-2022-43705 (In Botan before 2.19.3, it is possible to forge OCSP responses due to  ...)
 	- botan 2.19.3+dfsg-1
 	[bullseye] - botan <no-dsa> (Minor issue)
@@ -11650,7 +11650,7 @@ CVE-2022-43559
 CVE-2022-43558
 	RESERVED
 CVE-2022-43557 (The BD BodyGuard™ infusion pumps specified allow for access thro ...)
-	TODO: check
+	NOT-FOR-US: BD BodyGuard
 CVE-2022-43556 (Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9 ...)
 	NOT-FOR-US: Concrete CMS
 CVE-2022-43555
@@ -12144,6 +12144,7 @@ CVE-2022-43400 (A vulnerability has been identified in Siveillance Video Mobile
 	NOT-FOR-US: Siveillance Video Mobile Server V2022 R2
 CVE-2022-3596
 	RESERVED
+	NOT-FOR-US: undercloud
 CVE-2022-3595 (A vulnerability was found in Linux Kernel. It has been rated as proble ...)
 	- linux <not-affected> (Vulnerable code not in any released version in Debian and upstream)
 	NOTE: https://git.kernel.org/linus/b854b4ee66437e6e1622fda90529c814978cb4ca
@@ -12374,7 +12375,7 @@ CVE-2022-43327
 CVE-2022-43326 (An Insecure Direct Object Reference (IDOR) vulnerability in the passwo ...)
 	NOT-FOR-US: Telos Alliance Omnia MPX Node
 CVE-2022-43325 (An unauthenticated command injection vulnerability in the product lice ...)
-	TODO: check
+	NOT-FOR-US: Telos Alliance Omnia MPX Node
 CVE-2022-43324
 	RESERVED
 CVE-2022-43323 (EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request ...)
@@ -13941,63 +13942,63 @@ CVE-2022-3452 (A vulnerability was found in SourceCodester Book Store Management
 CVE-2022-42783
 	RESERVED
 CVE-2022-42782 (In wlan driver, there is a possible missing permission check, This cou ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42781 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42780 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42779 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42778 (In windows manager service, there is a missing permission check. This  ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42777 (In power management service, there is a missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42776 (In UscAIEngine service, there is a missing permission check. This coul ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42775 (In camera driver, there is a possible memory corruption due to imprope ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42774 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42773 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42772 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42771 (In wlan driver, there is a race condition, This could lead to local de ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42770 (In wlan driver, there is a race condition, This could lead to local de ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42769 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42768 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42767 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42766 (In wlan driver, there is a possible missing permission check, This cou ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42765 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42764 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42763 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42762 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42761 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42760 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42759 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42758 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42757 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42756 (In sensor driver, there is a possible buffer overflow due to a missing ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42755 (In wlan driver, there is a possible missing bounds check, This could l ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42754 (In npu driver, there is a memory corruption due to a use after free. T ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-42753 (SalonERP version 3.0.2 allows an external attacker to steal the cookie ...)
 	NOT-FOR-US: SalonERP
 CVE-2022-42752



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56308c3106ef50f23c39fb0dfe494a7a3db7096f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56308c3106ef50f23c39fb0dfe494a7a3db7096f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221207/17d7ed99/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list