[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sun Jul 31 20:13:47 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1c49912 by Salvatore Bonaccorso at 2022-07-31T21:12:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6313,7 +6313,7 @@ CVE-2022-34498
 CVE-2022-34497
 	RESERVED
 CVE-2022-34496 (Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upl ...)
-	TODO: check
+	NOT-FOR-US: Hiby R3 PRO firmware
 CVE-2022-34495 (rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel be ...)
 	- linux 5.18.5-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -18441,7 +18441,7 @@ CVE-2022-30085
 CVE-2022-30084
 	RESERVED
 CVE-2022-30083 (EllieGrid Android Application version 3.4.1 is vulnerable to Code Inje ...)
-	TODO: check
+	NOT-FOR-US: EllieGrid Android Application
 CVE-2022-30082
 	RESERVED
 CVE-2022-30081
@@ -25012,11 +25012,11 @@ CVE-2022-27868 (A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be u
 CVE-2022-27867 (A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 20 ...)
 	NOT-FOR-US: Autodesk
 CVE-2022-27866 (A maliciously crafted TIFF file when consumed through DesignReview.exe ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-27865 (A maliciously crafted TGA or PCX file may be used to write beyond the  ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-27864 (A Double Free vulnerability allows remote attackers to execute arbitra ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-27186
 	RESERVED
 CVE-2022-27177 (A Python format string issue leading to information disclosure and pot ...)
@@ -43496,7 +43496,7 @@ CVE-2022-22282 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earli
 CVE-2022-22281 (A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender W ...)
 	NOT-FOR-US: SonicWall
 CVE-2022-22280 (Improper Neutralization of Special Elements used in an SQL Command lea ...)
-	TODO: check
+	NOT-FOR-US: Sonicwall
 CVE-2022-22279 (** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file r ...)
 	NOT-FOR-US: Sonicwall
 CVE-2022-22278 (A vulnerability in SonicOS CFS (Content filtering service) returns a l ...)
@@ -95303,7 +95303,7 @@ CVE-2021-27787
 CVE-2021-27786 (Cross-origin resource sharing (CORS) enables browsers to perform cross ...)
 	NOT-FOR-US: HCL
 CVE-2021-27785 (HCL Commerce's Remote Store server could allow a local attacker to obt ...)
-	TODO: check
+	NOT-FOR-US: HCL Commerce's Remote Store server
 CVE-2021-27784
 	RESERVED
 CVE-2021-27783 (User generated PPKG file for Bulk Enroll may have unencrypted sensitiv ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1c499127d2bd4b7b59ee9bf7ba0797b3fc086b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1c499127d2bd4b7b59ee9bf7ba0797b3fc086b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220731/e8452bdf/attachment.htm>
