[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jul 6 12:30:54 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
032b71d6 by Moritz Muehlenhoff at 2022-07-06T13:30:33+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2022-2323
 CVE-2022-2322
 	RESERVED
 CVE-2022-2321 (Login Bruteforce attacks ...)
-	TODO: check
+	NOT-FOR-US: Nakama
 CVE-2022-35230
 	RESERVED
 CVE-2022-35229
@@ -686,7 +686,7 @@ CVE-2022-34917
 CVE-2022-34916
 	RESERVED
 CVE-2022-2306 (Old session tokens can be used to authenticate to the application and  ...)
-	TODO: check
+	NOT-FOR-US: Nakama
 CVE-2022-2305
 	RESERVED
 CVE-2022-2304 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...)
@@ -3146,7 +3146,7 @@ CVE-2022-34045
 CVE-2022-34044
 	RESERVED
 CVE-2022-34043 (Incorrect permissions for the folder C:\ProgramData\NoMachine\var\unin ...)
-	TODO: check
+	NOT-FOR-US: NoMachine Windows builds
 CVE-2022-34042
 	RESERVED
 CVE-2022-34041
@@ -5419,7 +5419,7 @@ CVE-2022-33084
 CVE-2022-33083
 	RESERVED
 CVE-2022-33082 (An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10 ...)
-	TODO: check
+	NOT-FOR-US: Open Policy Agent
 CVE-2022-33081
 	RESERVED
 CVE-2022-33080
@@ -5520,11 +5520,11 @@ CVE-2022-33039
 CVE-2022-33038
 	RESERVED
 CVE-2022-33037 (A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute ar ...)
-	TODO: check
+	NOT-FOR-US: Orwell-Dev-Cpp
 CVE-2022-33036 (A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execut ...)
-	TODO: check
+	NOT-FOR-US: Embarcadero Dev-CPP
 CVE-2022-33035 (XLPD v7.0.0094 and below contains an unquoted service path vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: XLPD
 CVE-2022-33034 (LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via t ...)
 	- libredwg <itp> (bug #595191)
 CVE-2022-33033 (LibreDWG v0.12.4.4608 was discovered to contain a double-free via the  ...)
@@ -5774,7 +5774,7 @@ CVE-2022-32973 (An authenticated attacker could create an audit file that bypass
 CVE-2022-32972
 	RESERVED
 CVE-2022-32969 (MetaMask before 10.11.3 might allow an attacker to access a user's sec ...)
-	TODO: check
+	NOT-FOR-US: MetaTask
 CVE-2022-32968
 	RESERVED
 CVE-2022-32967
@@ -6763,6 +6763,7 @@ CVE-2022-32534 (The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.
 	NOT-FOR-US: Bosch
 CVE-2022-32533
 	RESERVED
+	NOT-FOR-US: Apache Portals Jetspeed
 CVE-2022-32532 (Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured  ...)
 	- shiro <unfixed>
 	[bullseye] - shiro <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/032b71d6f13aaa39f445b0efa5ecbac5e62d5091

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/032b71d6f13aaa39f445b0efa5ecbac5e62d5091
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220706/dc36eb19/attachment.htm>

More information about the debian-security-tracker-commits mailing list