[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 28 20:25:55 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29204586 by Salvatore Bonaccorso at 2022-12-28T21:24:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,39 +5,39 @@ CVE-2022-4816
 CVE-2022-4815
 	RESERVED
 CVE-2022-4814 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4813 (Insufficient Granularity of Access Control in GitHub repository usemem ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4812 (Comparison of Object References Instead of Object Contents in GitHub r ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4811 (Improper Authorization in GitHub repository usememos/memos prior to 0. ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4810 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4809 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4808 (Improper Privilege Management in GitHub repository usememos/memos prio ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4807 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4806 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4805 (Incorrect Use of Privileged APIs in GitHub repository usememos/memos p ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4804 (Improper Authorization in GitHub repository usememos/memos prior to 0. ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4803 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4802 (Improper Authorization in GitHub repository usememos/memos prior to 0. ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4801 (Insufficient Granularity of Access Control in GitHub repository usemem ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4800 (Improper Verification of Source of a Communication Channel in GitHub r ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-47990
 	RESERVED
 CVE-2022-4799 (Improper Authentication in GitHub repository usememos/memos prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-47989
 	RESERVED
 CVE-2022-47988
@@ -59,7 +59,7 @@ CVE-2022-47981
 CVE-2022-47980
 	RESERVED
 CVE-2022-4798 (Improper Authorization in GitHub repository usememos/memos prior to 0. ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-47979
 	RESERVED
 CVE-2022-47978
@@ -73,9 +73,9 @@ CVE-2022-47975
 CVE-2022-47974
 	RESERVED
 CVE-2022-4797 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4796 (Incorrect Use of Privileged APIs in GitHub repository usememos/memos p ...)
-	TODO: check
+	NOT-FOR-US: usememos
 CVE-2022-4795
 	RESERVED
 CVE-2022-4794
@@ -107,11 +107,11 @@ CVE-2022-4782
 CVE-2022-4781
 	RESERVED
 CVE-2022-4780 (ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credential ...)
-	TODO: check
+	NOT-FOR-US: ISOS firmwares
 CVE-2022-4779 (StreamX applications from versions 6.02.01 to 6.04.34 are affected by  ...)
-	TODO: check
+	NOT-FOR-US: StreamX applications
 CVE-2022-4778 (StreamX applications from versions 6.02.01 to 6.04.34 are affected by  ...)
-	TODO: check
+	NOT-FOR-US: StreamX applications
 CVE-2021-46868
 	RESERVED
 CVE-2021-46867
@@ -125,7 +125,7 @@ CVE-2019-25092 (A vulnerability classified as problematic was found in Nakiami M
 CVE-2018-25056 (A vulnerability, which was classified as problematic, was found in yol ...)
 	TODO: check
 CVE-2018-25055 (A vulnerability was found in FarCry Solr Pro Plugin up to 1.5.x. It ha ...)
-	TODO: check
+	NOT-FOR-US: FarCry Solr Pro Plugin
 CVE-2018-25054 (A vulnerability was found in shred cilla. It has been classified as pr ...)
 	TODO: check
 CVE-2018-25053 (A vulnerability was found in moappi Json2html up to 1.1.x and classifi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2920458623ce57de697ad3c721449d8157491a1c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2920458623ce57de697ad3c721449d8157491a1c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221228/33864b4e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list