[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Dec 9 20:30:07 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bbed9384 by Salvatore Bonaccorso at 2022-12-09T21:29:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,7 +135,7 @@ CVE-2022-4380
 CVE-2022-4379
 	RESERVED
 CVE-2022-4377 (A vulnerability was found in S-CMS 5.0 Build 20220328. It has been dec ...)
-	TODO: check
+	NOT-FOR-US: S-CMS
 CVE-2022-4376
 	RESERVED
 CVE-2022-4378
@@ -153,7 +153,7 @@ CVE-2022-46833
 CVE-2022-46832
 	RESERVED
 CVE-2022-4375 (A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been cl ...)
-	TODO: check
+	NOT-FOR-US: Mingsoft MCMS
 CVE-2022-4374
 	RESERVED
 CVE-2022-4373
@@ -289,7 +289,7 @@ CVE-2022-4350 (A vulnerability, which was classified as problematic, was found i
 CVE-2022-4349 (A vulnerability classified as problematic has been found in CTF-hacker ...)
 	TODO: check
 CVE-2022-4348 (A vulnerability was found in y_project RuoYi-Cloud. It has been rated  ...)
-	TODO: check
+	NOT-FOR-US: y_project RuoYi-Cloud
 CVE-2022-4347 (A vulnerability was found in xiandafu beetl-bbs. It has been declared  ...)
 	TODO: check
 CVE-2020-36610 (A vulnerability was found in annyshow DuxCMS 2.1. It has been declared ...)
@@ -401,7 +401,7 @@ CVE-2022-4338
 CVE-2022-4337
 	RESERVED
 CVE-2022-4336 (In BAOTA linux panel there exists a stored xss vulnerability attackers ...)
-	TODO: check
+	NOT-FOR-US: BAOTA linux panel
 CVE-2022-4335
 	RESERVED
 CVE-2022-4334
@@ -1434,7 +1434,7 @@ CVE-2022-4266
 CVE-2022-4265
 	RESERVED
 CVE-2022-4264 (Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files bef ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2022-4263
 	RESERVED
 CVE-2022-XXXX [node-d3-color redos]
@@ -4819,7 +4819,7 @@ CVE-2022-45292
 CVE-2022-45291
 	RESERVED
 CVE-2022-45290 (Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vu ...)
-	TODO: check
+	NOT-FOR-US: Kbase Doc
 CVE-2022-45289
 	RESERVED
 CVE-2022-45288
@@ -5845,7 +5845,7 @@ CVE-2022-44944 (Rukovoditel v3.2.1 was discovered to contain a stored cross-site
 CVE-2022-44943
 	RESERVED
 CVE-2022-44942 (Casdoor before v1.126.1 was discovered to contain an arbitrary file de ...)
-	TODO: check
+	NOT-FOR-US: Casdoor
 CVE-2022-44941
 	RESERVED
 CVE-2022-44940
@@ -5853,7 +5853,7 @@ CVE-2022-44940
 CVE-2022-44939
 	RESERVED
 CVE-2022-44938 (Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attac ...)
-	TODO: check
+	NOT-FOR-US: SeedDMS
 CVE-2022-44937 (Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery  ...)
 	NOT-FOR-US: BossCMS
 CVE-2022-44936
@@ -6031,7 +6031,7 @@ CVE-2022-44851
 CVE-2022-44850
 	RESERVED
 CVE-2022-44849 (A Cross-Site Request Forgery (CSRF) in the Administrator List of MetIn ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2022-44848
 	RESERVED
 CVE-2022-44847
@@ -6053,7 +6053,7 @@ CVE-2022-44840
 CVE-2022-44839
 	RESERVED
 CVE-2022-44838 (Automotive Shop Management System v1.0 was discovered to contain a SQL ...)
-	TODO: check
+	NOT-FOR-US: Automotive Shop Management System
 CVE-2022-44837
 	RESERVED
 CVE-2022-44836



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbed93847a19c9505bee9c3ac113c7f2b6dadaa3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbed93847a19c9505bee9c3ac113c7f2b6dadaa3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221209/d410c2ca/attachment-0001.htm>
