[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Dec 27 20:26:33 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
012fbc94 by Salvatore Bonaccorso at 2022-12-27T21:24:52+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65,13 +65,13 @@ CVE-2023-22277
 CVE-2023-0026
 	RESERVED
 CVE-2022-47968 (Heimdall Application Dashboard through 2.5.4 allows reflected XSS via  ...)
-	TODO: check
+	NOT-FOR-US: Heimdall Application Dashboard
 CVE-2022-47967
 	RESERVED
 CVE-2022-4767 (Denial of Service in GitHub repository usememos/memos prior to 0.9.1. ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4766 (A vulnerability was found in dolibarr_project_timesheet up to 4.5.5. I ...)
-	TODO: check
+	NOT-FOR-US: dolibarr_project_timesheet
 CVE-2022-4765
 	RESERVED
 CVE-2022-4764
@@ -111,31 +111,31 @@ CVE-2022-4748 (A vulnerability was found in FlatPress. It has been classified as
 CVE-2022-4747
 	RESERVED
 CVE-2021-4289 (A vulnerability classified as problematic was found in OpenMRS openmrs ...)
-	TODO: check
+	NOT-FOR-US: OpenMRS
 CVE-2021-4288 (A vulnerability was found in OpenMRS openmrs-module-referenceapplicati ...)
-	TODO: check
+	NOT-FOR-US: OpenMRS
 CVE-2021-4287 (A vulnerability, which was classified as problematic, was found in ReF ...)
 	TODO: check
 CVE-2021-4286 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: cocagne pysrp
 CVE-2021-4285 (A vulnerability classified as problematic was found in Nagios NCPA. Th ...)
 	TODO: check
 CVE-2021-4284 (A vulnerability classified as problematic has been found in OpenMRS HT ...)
-	TODO: check
+	NOT-FOR-US: OpenMRS
 CVE-2021-4283 (A vulnerability was found in FreeBPX voicemail. It has been rated as p ...)
-	TODO: check
+	NOT-FOR-US: FreeBPX voicemail
 CVE-2021-4282 (A vulnerability was found in FreePBX voicemail. It has been declared a ...)
-	TODO: check
+	NOT-FOR-US: FreePBX voicemail
 CVE-2020-36634 (A vulnerability classified as problematic has been found in Indeed Eng ...)
-	TODO: check
+	NOT-FOR-US: Indeed Engineering util
 CVE-2020-36633 (A vulnerability was found in moodle-block_sitenews 1.0. It has been cl ...)
-	TODO: check
+	NOT-FOR-US: moodle-block_sitenews
 CVE-2019-25090 (A vulnerability was found in FreePBX arimanager up to 13.0.5.3 and cla ...)
-	TODO: check
+	NOT-FOR-US: FreePBX arimanager
 CVE-2019-25089 (A vulnerability has been found in Morgawr Muon 0.1.1 and classified as ...)
-	TODO: check
+	NOT-FOR-US: Morgawr Muon
 CVE-2019-25088 (A vulnerability was found in ytti Oxidized Web. It has been classified ...)
-	TODO: check
+	NOT-FOR-US: ytti Oxidized Web
 CVE-2019-25087 (A vulnerability was found in RamseyK httpserver. It has been rated as  ...)
 	TODO: check
 CVE-2019-25086 (A vulnerability was found in IET-OU Open Media Player up to 1.5.0. It  ...)
@@ -8876,29 +8876,29 @@ CVE-2022-3996 (If an X.509 certificate contains a malformed policy constraint an
 CVE-2022-45435
 	RESERVED
 CVE-2022-45434 (Some Dahua software products have a vulnerability of unauthenticated u ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45433 (Some Dahua software products have a vulnerability of unauthenticated t ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45432 (Some Dahua software products have a vulnerability of unauthenticated s ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45431 (Some Dahua software products have a vulnerability of unauthenticated r ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45430 (Some Dahua software products have a vulnerability of unauthenticated e ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45429 (Some Dahua software products have a vulnerability of server-side reque ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45428 (Some Dahua software products have a vulnerability of sensitive informa ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45427 (Some Dahua software products have a vulnerability of unrestricted uplo ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45426 (Some Dahua software products have a vulnerability of unrestricted down ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45425 (Some Dahua software products have a vulnerability of using of hard-cod ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45424 (Some Dahua software products have a vulnerability of unauthenticated r ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45423 (Some Dahua software products have a vulnerability of unauthenticated r ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2022-45422 (When LG SmartShare is installed, local privilege escalation is possibl ...)
 	NOT-FOR-US: LG
 CVE-2022-45122 (Cross-site scripting vulnerability in Movable Type Movable Type 7 r.53 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/012fbc94e50a17d9ce9dab67d5148f84bd64e76b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/012fbc94e50a17d9ce9dab67d5148f84bd64e76b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221227/b5966ae8/attachment.htm>
