[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 7 09:31:39 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef2b1cb0 by Salvatore Bonaccorso at 2022-07-07T10:31:26+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8691,7 +8691,7 @@ CVE-2022-31858
 CVE-2022-31857
 	RESERVED
 CVE-2022-31856 (Newsletter Module v3.x was discovered to contain a SQL injection vulne ...)
-	TODO: check
+	NOT-FOR-US: OpenCart Newsletter Module
 CVE-2022-31855
 	RESERVED
 CVE-2022-31854
@@ -8731,7 +8731,7 @@ CVE-2022-31838
 CVE-2022-31837
 	RESERVED
 CVE-2022-31836 (The leafInfo.match() function in Beego v2.0.3 and below uses path.join ...)
-	TODO: check
+	NOT-FOR-US: Beego
 CVE-2022-31835
 	RESERVED
 CVE-2022-31834
@@ -9581,9 +9581,9 @@ CVE-2022-31607
 CVE-2022-31606
 	RESERVED
 CVE-2022-31605 (NVFLARE, versions prior to 2.1.2, contains a vulnerability in its util ...)
-	TODO: check
+	NOT-FOR-US: NVFLARE
 CVE-2022-31604 (NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI  ...)
-	TODO: check
+	NOT-FOR-US: NVFLARE
 CVE-2022-31603 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, whe ...)
 	NOT-FOR-US: NVIDIA
 CVE-2022-31602 (NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, whe ...)
@@ -10844,7 +10844,7 @@ CVE-2022-31133
 CVE-2022-31132
 	RESERVED
 CVE-2022-31131 (Nextcloud mail is a Mail app for the Nextcloud home server product. Ve ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Mail app
 CVE-2022-31130
 	RESERVED
 CVE-2022-31129 (moment is a JavaScript date library for parsing, validating, manipulat ...)
@@ -17432,7 +17432,7 @@ CVE-2022-28937 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue
 CVE-2022-28936 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where  ...)
 	NOT-FOR-US: FISCO-BCOS
 CVE-2022-28935 (Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20 ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2022-28934
 	RESERVED
 CVE-2022-28933
@@ -21466,9 +21466,9 @@ CVE-2022-27551
 CVE-2022-27550
 	RESERVED
 CVE-2022-27549 (HCL Launch may store certain data for recurring activities in a plain  ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2022-27548 (HCL Launch stores user credentials in plain clear text which can be re ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2022-27547
 	RESERVED
 CVE-2022-27546
@@ -24617,7 +24617,7 @@ CVE-2022-26414 (A potential buffer overflow vulnerability was identified in some
 CVE-2022-26413 (A command injection vulnerability in the CGI program of Zyxel VMG3312- ...)
 	NOT-FOR-US: Zyxel
 CVE-2022-26348 (Command Centre Server is vulnerable to SQL Injection via Windows Regis ...)
-	TODO: check
+	NOT-FOR-US: gallagher
 CVE-2022-26347
 	RESERVED
 CVE-2022-26339
@@ -24627,7 +24627,7 @@ CVE-2022-26123
 CVE-2022-26087
 	RESERVED
 CVE-2022-26078 (Gallagher Controller 6000 is vulnerable to a Denial of Service attack  ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2022-26058
 	RESERVED
 CVE-2022-26055
@@ -31485,13 +31485,13 @@ CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered
 CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
 	NOT-FOR-US: Tenda routers
 CVE-2022-24141 (The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to d ...)
-	TODO: check
+	NOT-FOR-US: iTop VPN
 CVE-2022-24140 (IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, ...)
 	TODO: check
 CVE-2022-24139 (In IOBit Advanced System Care (AscService.exe) 15, an attacker with SE ...)
-	TODO: check
+	NOT-FOR-US: IOBit Advanced System Care
 CVE-2022-24138 (IOBit Advanced System Care (Asc.exe) 15 and Action Download Center bot ...)
-	TODO: check
+	NOT-FOR-US: IOBit Advanced System Care
 CVE-2022-24137
 	RESERVED
 CVE-2022-24136 (Hospital Management System v1.0 is affected by an unrestricted upload  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2b1cb0ec386c976d63dbe819549d1e45a36fc9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2b1cb0ec386c976d63dbe819549d1e45a36fc9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220707/04dcbbcf/attachment.htm>

More information about the debian-security-tracker-commits mailing list