[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 13 20:44:06 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7db507a2 by Salvatore Bonaccorso at 2022-12-13T21:43:39+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133,7 +133,7 @@ CVE-2022-4446 (PHP Remote File Inclusion in GitHub repository tsolucio/corebos p
CVE-2022-4445
RESERVED
CVE-2022-4444 (A vulnerability was found in ipti br.tag. It has been declared as prob ...)
- TODO: check
+ NOT-FOR-US: ipti br.tag
CVE-2022-4443
RESERVED
CVE-2022-4442
@@ -1998,7 +1998,7 @@ CVE-2022-46666
CVE-2022-46665
RESERVED
CVE-2022-46664 (A vulnerability has been identified in Mendix Workflow Commons (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46662
RESERVED
CVE-2022-4310
@@ -2978,27 +2978,27 @@ CVE-2022-46357
CVE-2022-46356
RESERVED
CVE-2022-46355 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46354 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46353 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46352 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46351 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46350 (A vulnerability has been identified in SCALANCE X204RNA (HSR) (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46349 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46348 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46347 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46346 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46345 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-4239
RESERVED
CVE-2022-4238
@@ -3352,7 +3352,7 @@ CVE-2022-40973
CVE-2022-37331
RESERVED
CVE-2022-46265 (A vulnerability has been identified in Polarion ALM (All versions). Th ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46264
RESERVED
CVE-2022-46263
@@ -3610,15 +3610,15 @@ CVE-2022-46146 (Prometheus Exporter Toolkit is a utility package to build export
CVE-2022-46145 (authentik is an open-source identity provider. Versions prior to 2022. ...)
NOT-FOR-US: authentik
CVE-2022-46144 (A vulnerability has been identified in SCALANCE SC622-2C (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46143 (Affected devices do not check the TFTP blocksize correctly. This could ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46142 (Affected devices store the CLI user passwords encrypted in flash memor ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-46141
RESERVED
CVE-2022-46140 (Affected devices use a weak encryption scheme to encrypt the debug zip ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-44620 (Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1 ...)
NOT-FOR-US: UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware
CVE-2022-44606 (OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 ...)
@@ -3835,15 +3835,15 @@ CVE-2022-46064
CVE-2022-46063
RESERVED
CVE-2022-46062 (Gym Management System v0.0.1 is vulnerable to Cross Site Request Forge ...)
- TODO: check
+ NOT-FOR-US: Gym Management System
CVE-2022-46061 (AeroCMS v0.0.1 is vulnerable to ClickJacking. ...)
- TODO: check
+ NOT-FOR-US: AeroCMS
CVE-2022-46060
RESERVED
CVE-2022-46059 (AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF). ...)
- TODO: check
+ NOT-FOR-US: AeroCMS
CVE-2022-46058 (AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) ...)
- TODO: check
+ NOT-FOR-US: AeroCMS
CVE-2022-46057
RESERVED
CVE-2022-46056
@@ -3857,7 +3857,7 @@ CVE-2022-46053
CVE-2022-46052
RESERVED
CVE-2022-46051 (The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable ...)
- TODO: check
+ NOT-FOR-US: AeroCMS
CVE-2022-46050
RESERVED
CVE-2022-46049
@@ -3865,7 +3865,7 @@ CVE-2022-46049
CVE-2022-46048
RESERVED
CVE-2022-46047 (AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter ...)
- TODO: check
+ NOT-FOR-US: AeroCMS
CVE-2022-46046
RESERVED
CVE-2022-46045
@@ -4086,9 +4086,9 @@ CVE-2022-45939 (GNU Emacs through 28.2 allows attackers to execute commands via
CVE-2022-45938
RESERVED
CVE-2022-45937 (A vulnerability has been identified in APOGEE PXC Series (BACnet) (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-45936 (A vulnerability has been identified in Mendix Email Connector (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-4146
RESERVED
CVE-2022-45935
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7db507a2b9f30c903c6a4ab340c1a912ba38d3c9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7db507a2b9f30c903c6a4ab340c1a912ba38d3c9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221213/82fa722c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list