[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Dec 22 20:23:03 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99b94bf9 by Salvatore Bonaccorso at 2022-12-22T21:22:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-0022
 CVE-2023-0021
 	RESERVED
 CVE-2022-47926 (AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_ ...)
-	TODO: check
+	NOT-FOR-US: AyaCMS
 CVE-2022-4663
 	RESERVED
 CVE-2022-4662
@@ -6642,9 +6642,9 @@ CVE-2022-46104
 CVE-2022-46103
 	RESERVED
 CVE-2022-46102 (AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/ad ...)
-	TODO: check
+	NOT-FOR-US: AyaCMS
 CVE-2022-46101 (AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php fil ...)
-	TODO: check
+	NOT-FOR-US: AyaCMS
 CVE-2022-46100
 	RESERVED
 CVE-2022-46099
@@ -6914,7 +6914,7 @@ CVE-2022-45968 (Alist v3.4.0 is vulnerable to File Upload. A user with only file
 CVE-2022-45967
 	RESERVED
 CVE-2022-45966 (here is an arbitrary file upload vulnerability in the file management  ...)
-	TODO: check
+	NOT-FOR-US: Classcms
 CVE-2022-45965
 	RESERVED
 CVE-2022-45964
@@ -12247,7 +12247,7 @@ CVE-2022-44512
 CVE-2022-44511
 	RESERVED
 CVE-2022-44510 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-44509
 	RESERVED
 CVE-2022-44508
@@ -29228,13 +29228,13 @@ CVE-2022-38660 (HCL XPages applications are susceptible to a Cross Site Request
 CVE-2022-38659 (In specific scenarios, on Windows the operator credentials may be encr ...)
 	NOT-FOR-US: HCL
 CVE-2022-38658 (BigFix deployments that have installed the Notification Service on Win ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2022-38657
 	RESERVED
 CVE-2022-38656 (HCL Commerce, when using Elasticsearch, can allow a remote attacker to ...)
 	NOT-FOR-US: HCL
 CVE-2022-38655 (BigFix WebUI non-master operators are missing controls that prevent th ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2022-38654 (HCL Domino is susceptible to an information disclosure vulnerability.  ...)
 	NOT-FOR-US: HCL
 CVE-2022-38653 (In HCL Digital Experience, customized XSS payload can be constructed s ...)
@@ -29522,7 +29522,7 @@ CVE-2022-38548
 CVE-2022-38547
 	RESERVED
 CVE-2022-38546 (A DNS misconfiguration was found in Zyxel NBG7510 firmware versions pr ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2022-38545 (Valine v1.4.18 was discovered to contain a remote code execution (RCE) ...)
 	NOT-FOR-US: Valine
 CVE-2022-38544



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99b94bf90d3f04e57ea5ec995a2d7b3f3b28f56a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99b94bf90d3f04e57ea5ec995a2d7b3f3b28f56a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221222/0b48bc7e/attachment.htm>
