[Git][security-tracker-team/security-tracker][master] Process NFUs

Wed Feb 16 08:28:58 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c666082 by Salvatore Bonaccorso at 2022-02-16T09:28:32+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,9 +5,9 @@ CVE-2022-25244
 CVE-2022-25243
 	RESERVED
 CVE-2022-25242 (In FileCloud before 21.3, file upload is not protected against Cross-S ...)
-	TODO: check
+	NOT-FOR-US: FileCloud
 CVE-2022-25241 (In FileCloud before 21.3, the CSV user import functionality is vulnera ...)
-	TODO: check
+	NOT-FOR-US: FileCloud
 CVE-2022-25240
 	RESERVED
 CVE-2022-25239
@@ -224,9 +224,9 @@ CVE-2022-25149
 CVE-2022-25148
 	RESERVED
 CVE-2022-0612 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
-	TODO: check
+	NOT-FOR-US: livehelperchat
 CVE-2022-0611 (Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3 ...)
-	TODO: check
+	NOT-FOR-US: snipe-it
 CVE-2019-25057 (In Corda before 4.1, the meaning of serialized data can be modified vi ...)
 	NOT-FOR-US: Corda
 CVE-2022-25147
@@ -5009,7 +5009,7 @@ CVE-2022-23643 (Sourcegraph is a code search and navigation engine. Sourcegraph
 CVE-2022-23642
 	RESERVED
 CVE-2022-23641 (Discourse is an open source discussion platform. In versions prior to  ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2022-23640
 	RESERVED
 CVE-2022-23639 (crossbeam-utils provides atomics, synchronization primitives, scoped t ...)
@@ -6078,7 +6078,7 @@ CVE-2021-46323 (Espruino 2v11.251 was discovered to contain a SEGV vulnerability
 CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability via th ...)
 	NOT-FOR-US: Duktape
 CVE-2021-46321 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-46320 (In OpenZeppelin <=v4.4.0, initializer functions that are invoked se ...)
 	NOT-FOR-US: OpenZeppelin
 CVE-2021-46319
@@ -7544,13 +7544,13 @@ CVE-2021-46267
 CVE-2021-46266
 	RESERVED
 CVE-2021-46265 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-46264 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-46263 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-46262 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-46261
 	RESERVED
 CVE-2021-46260
@@ -36704,7 +36704,7 @@ CVE-2021-37356
 CVE-2021-37355
 	RESERVED
 CVE-2021-37354 (Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer ov ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2021-37353 (Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due ...)
 	NOT-FOR-US: Nagios XI
 CVE-2021-37352 (An open redirect vulnerability exists in Nagios XI before version 5.8. ...)
@@ -41445,7 +41445,7 @@ CVE-2021-35382
 CVE-2021-35381
 	RESERVED
 CVE-2021-35380 (A Directory Traversal vulnerability exists in Solari di Udine TermTalk ...)
-	TODO: check
+	NOT-FOR-US: Solari di Udine TermTalk Server (TTServer)
 CVE-2021-35379
 	RESERVED
 CVE-2021-35378
@@ -44673,7 +44673,7 @@ CVE-2021-33947
 CVE-2021-33946
 	RESERVED
 CVE-2021-33945 (RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN ...)
-	TODO: check
+	NOT-FOR-US: RICOH
 CVE-2021-33944
 	RESERVED
 CVE-2021-33943



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c66608237b1614ec51cafc53aa3eca58bec2bb6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c66608237b1614ec51cafc53aa3eca58bec2bb6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220216/4e6a2a8c/attachment.htm>
