[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 8 20:52:24 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b45c71c by Salvatore Bonaccorso at 2022-07-08T21:51:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1216,7 +1216,7 @@ CVE-2022-2278
 CVE-2022-2277
 	RESERVED
 CVE-2021-4234 (OpenVPN Access Server 2.10 and prior versions are susceptible to resen ...)
-	TODO: check
+	NOT-FOR-US: OpenVPN Access Server
 CVE-2022-34893
 	RESERVED
 CVE-2022-34892
@@ -1549,7 +1549,7 @@ CVE-2022-2250 (An open redirect vulnerability in GitLab EE/CE affecting all vers
 CVE-2021-46826
 	RESERVED
 CVE-2021-46825 (Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to  ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2022-33967
 	RESERVED
 CVE-2022-2249
@@ -2039,7 +2039,7 @@ CVE-2022-34600
 CVE-2022-34599
 	RESERVED
 CVE-2022-34598 (The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 por ...)
-	TODO: check
+	NOT-FOR-US: udpserver in H3C Magic R100 V200R004 and V100R005
 CVE-2022-34597 (Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vu ...)
 	NOT-FOR-US: Tenda
 CVE-2022-34596 (Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injecti ...)
@@ -2051,7 +2051,7 @@ CVE-2022-34594
 CVE-2022-34593
 	RESERVED
 CVE-2022-34592 (Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2022-34591
 	RESERVED
 CVE-2022-34590
@@ -3605,7 +3605,7 @@ CVE-2022-33998
 CVE-2022-33997
 	RESERVED
 CVE-2022-33996 (Incorrect permission management in Devolutions Server before 2022.2 al ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Server
 CVE-2022-33995 (A path traversal issue in entry attachments in Devolutions Remote Desk ...)
 	NOT-FOR-US: Devolutions
 CVE-2022-33994
@@ -4442,9 +4442,9 @@ CVE-2022-33740 (Linux disk/nic frontends data leaks T[his CNA information record
 CVE-2022-33739 (CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing v ...)
 	NOT-FOR-US: CA Clarity
 CVE-2022-33738 (OpenVPN Access Server before 2.11 uses a weak random generator used to ...)
-	TODO: check
+	NOT-FOR-US: OpenVPN Access Server
 CVE-2022-33737 (The OpenVPN Access Server installer creates a log file readable for ev ...)
-	TODO: check
+	NOT-FOR-US: OpenVPN Access Server
 CVE-2022-33736
 	RESERVED
 CVE-2022-33202 (Authentication bypass vulnerability in the setup screen of L2Blocker(o ...)
@@ -4566,7 +4566,7 @@ CVE-2022-33682
 CVE-2022-33681
 	RESERVED
 CVE-2022-33680 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2022-33679
 	RESERVED
 CVE-2022-33678
@@ -5762,7 +5762,7 @@ CVE-2022-33099 (An issue in the component luaG_runerror of Lua v5.4.4 and below
 	NOTE: https://lua-users.org/lists/lua-l/2022-05/msg00073.html
 	TODO: check older lua versions
 CVE-2022-33098 (Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting  ...)
-	TODO: check
+	NOT-FOR-US: Magnolia CMS
 CVE-2022-33097 (74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability ...)
 	NOT-FOR-US: 74cmsSE
 CVE-2022-33096 (74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability ...)
@@ -7306,7 +7306,7 @@ CVE-2022-32483
 CVE-2022-32482
 	RESERVED
 CVE-2022-32481 (Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a p ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-32480
 	RESERVED
 CVE-2022-32479
@@ -7407,7 +7407,7 @@ CVE-2022-32451
 CVE-2022-32450
 	RESERVED
 CVE-2022-32449 (TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command inj ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2022-32448
 	RESERVED
 CVE-2022-32447



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b45c71cdedcc40e9d05ff3abc347512759c73bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b45c71cdedcc40e9d05ff3abc347512759c73bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220708/ef82254b/attachment.htm>

More information about the debian-security-tracker-commits mailing list