[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Jul 14 09:23:44 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ef33e29 by Salvatore Bonaccorso at 2022-07-14T10:23:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -507,11 +507,11 @@ CVE-2022-35630
 CVE-2022-35629
 	RESERVED
 CVE-2022-35628 (A SQL injection issue was discovered in the lux extension before 17.6. ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2022-35627
 	RESERVED
 CVE-2022-2385 (A security issue was discovered in aws-iam-authenticator where an allo ...)
-	TODO: check
+	NOT-FOR-US: Kubernetes aws-iam-authenticator
 CVE-2022-2384
 	RESERVED
 CVE-2022-2383
@@ -2641,31 +2641,31 @@ CVE-2022-2247
 CVE-2022-2246
 	REJECTED
 CVE-2022-34765 (A CWE-73: External Control of File Name or Path vulnerability exists t ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34764 (A CWE-119: Improper Restriction of Operations within the Bounds of a M ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34763 (A CWE-345: Insufficient Verification of Data Authenticity vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34762 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34761 (A CWE-476: NULL Pointer Dereference vulnerability exists that could ca ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34760 (A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vuln ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34759 (A CWE-787: Out-of-bounds Write vulnerability exists that could cause a ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34758 (A CWE-20: Improper Input Validation vulnerability exists that could ca ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34757 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34756 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34755
 	RESERVED
 CVE-2022-34754 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34753 (A CWE-78: Improper Neutralization of Special Elements used in an OS Co ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2022-34752
 	RESERVED
 CVE-2022-34751
@@ -2740,7 +2740,7 @@ CVE-2017-20131
 CVE-2017-20130
 	RESERVED
 CVE-2017-20129 (A vulnerability was found in LogoStore. It has been classified as crit ...)
-	TODO: check
+	NOT-FOR-US: LogoStore
 CVE-2017-20128 (A vulnerability has been found in KB Messages PHP Script 1.0 and class ...)
 	NOT-FOR-US: KB Messages PHP Script
 CVE-2017-20127 (A vulnerability was found in KB Login Authentication Script 1.1 and cl ...)
@@ -6724,13 +6724,13 @@ CVE-2022-33159
 CVE-2022-33158
 	RESERVED
 CVE-2022-33157 (The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 a ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2022-33156 (The matomo_integration (aka Matomo Integration) extension before 1.3.2 ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2022-33155 (The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2022-33154 (The schema (aka Embedding schema.org vocabulary) extension before 1.13 ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2022-33153
 	RESERVED
 CVE-2022-33152



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ef33e294a3575fb15d66e1be0f9d94f47c36f8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ef33e294a3575fb15d66e1be0f9d94f47c36f8c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220714/61f94b02/attachment-0001.htm>
