[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jul 29 11:23:05 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7870a5cf by Moritz Muehlenhoff at 2022-07-29T12:22:44+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -619,7 +619,7 @@ CVE-2022-36754
 CVE-2022-36753
 	RESERVED
 CVE-2022-36752 (png2webp v1.0.4 was discovered to contain an out-of-bounds write via t ...)
-	TODO: check
+	NOT-FOR-US: png2webp
 CVE-2022-36751
 	RESERVED
 CVE-2022-36750
@@ -1909,7 +1909,7 @@ CVE-2022-36236
 CVE-2022-36235
 	RESERVED
 CVE-2022-36234 (SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af44 ...)
-	TODO: check
+	NOT-FOR-US: SimpleNetwork TCP Server
 CVE-2022-36233
 	RESERVED
 CVE-2022-36232
@@ -5936,7 +5936,7 @@ CVE-2022-34595 (Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command i
 CVE-2022-34594 (Advanced School Management System v1.0 was discovered to contain a cro ...)
 	NOT-FOR-US: Advanced School Management System
 CVE-2022-34593 (DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read  ...)
-	TODO: check
+	NOT-FOR-US: DPTech VPN
 CVE-2022-34592 (Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a co ...)
 	NOT-FOR-US: Wavlink
 CVE-2022-34591
@@ -5962,11 +5962,11 @@ CVE-2022-34582
 CVE-2022-34581
 	RESERVED
 CVE-2022-34580 (Advanced School Management System v1.0 was discovered to contain a cro ...)
-	TODO: check
+	NOT-FOR-US: Advanced School Management System
 CVE-2022-34579
 	RESERVED
 CVE-2022-34578 (Open Source Point of Sale v3.3.7 was discovered to contain an arbitrar ...)
-	TODO: check
+	NOT-FOR-US: Open Source Point of Sale
 CVE-2022-34577 (A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 all ...)
 	NOT-FOR-US: Wavlink
 CVE-2022-34576 (A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M ...)
@@ -6006,13 +6006,13 @@ CVE-2022-34560
 CVE-2022-34559
 	RESERVED
 CVE-2022-34558 (WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon ...)
-	TODO: check
+	NOT-FOR-US: WMCore
 CVE-2022-34557 (Barangay Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Barangay Management System
 CVE-2022-34556 (PicoC v3.2.2 was discovered to contain a NULL pointer dereference at v ...)
-	TODO: check
+	NOT-FOR-US: Node picoc-js
 CVE-2022-34555 (TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to conta ...)
-	TODO: check
+	NOT-FOR-US: TP-LINK
 CVE-2022-34554
 	RESERVED
 CVE-2022-34553
@@ -19877,7 +19877,7 @@ CVE-2021-46784 (In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.
 CVE-2022-29559
 	RESERVED
 CVE-2022-29558 (Realtek rtl819x-SDK before v3.6.1 allows command injection over the we ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2022-29557
 	RESERVED
 CVE-2022-29556 (The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise  ...)
@@ -20416,7 +20416,7 @@ CVE-2022-29361 (** DISPUTED ** Improper parsing of HTTP requests in Pallets Werk
 	NOTE: Disputed Werkzeug issue, no security impact
 	NOTE: https://github.com/pallets/werkzeug/issues/2420
 CVE-2022-29360 (The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted em ...)
-	TODO: check
+	NOT-FOR-US: RainLoop
 CVE-2022-29359 (A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs ...)
 	NOT-FOR-US: School Club Application System
 CVE-2022-29358 (epub2txt2 v2.04 was discovered to contain an integer overflow via the  ...)
@@ -66303,7 +66303,7 @@ CVE-2021-39090
 CVE-2021-39089
 	RESERVED
 CVE-2021-39088 (IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege esc ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-39087
 	RESERVED
 CVE-2021-39086



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7870a5cf3002ef5db0bf75d2f15a420d8a584415

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7870a5cf3002ef5db0bf75d2f15a420d8a584415
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220729/36eb9e3f/attachment.htm>

More information about the debian-security-tracker-commits mailing list