[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Jun 1 09:58:19 BST 2022


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8edab209 by Neil Williams at 2022-06-01T09:58:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19639,7 +19639,7 @@ CVE-2022-25239
 CVE-2022-25238
 	RESERVED
 CVE-2022-25237 (Bonita Web 2021.2 is affected by a authentication/authorization bypass ...)
-	TODO: check
+	NOT-FOR-US: Bonita Web
 CVE-2022-25236 (xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to in ...)
 	{DSA-5085-1 DLA-2935-1}
 	- expat 2.4.5-1 (bug #1005895)
@@ -20442,7 +20442,7 @@ CVE-2022-24969
 CVE-2022-24968 (In Mellium mellium.im/xmpp through 0.21.0, an attacker capable of spoo ...)
 	NOT-FOR-US: Mellium
 CVE-2022-24967 (Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting ( ...)
-	TODO: check
+	NOT-FOR-US: Black Rainbow NIMBUS
 CVE-2022-24966
 	RESERVED
 CVE-2022-24965
@@ -21268,11 +21268,11 @@ CVE-2022-0557 (OS Command Injection in Packagist microweber/microweber prior to
 CVE-2022-24703
 	RESERVED
 CVE-2022-24702 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9 ...)
-	TODO: check
+	NOT-FOR-US: WinAPRS
 CVE-2022-24701 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9 ...)
-	TODO: check
+	NOT-FOR-US: WinAPRS
 CVE-2022-24700 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9 ...)
-	TODO: check
+	NOT-FOR-US: WinAPRS
 CVE-2022-0556 (A local privilege escalation vulnerability caused by incorrect permiss ...)
 	NOT-FOR-US: Zyxel
 CVE-2022-0555
@@ -22842,13 +22842,13 @@ CVE-2022-24243
 CVE-2022-24242
 	RESERVED
 CVE-2022-24241 (ACEweb Online Portal 3.5.065 was discovered to contain an External Con ...)
-	TODO: check
+	NOT-FOR-US: ACEweb Online Portal
 CVE-2022-24240 (ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection ...)
-	TODO: check
+	NOT-FOR-US: ACEweb Online Portal
 CVE-2022-24239 (ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted ...)
-	TODO: check
+	NOT-FOR-US: ACEweb Online Portal
 CVE-2022-24238 (ACEweb Online Portal 3.5.065 was discovered to contain a cross-site sc ...)
-	TODO: check
+	NOT-FOR-US: ACEweb Online Portal
 CVE-2022-24237 (The snaptPowered2 component of Snapt Aria v12.8 was discovered to cont ...)
 	NOT-FOR-US: Snapt Aria
 CVE-2022-24236 (An insecure permissions vulnerability in Snapt Aria v12.8 allows unaut ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8edab209fa6db8f7618a6bc3d1d81a6bdbf62da7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8edab209fa6db8f7618a6bc3d1d81a6bdbf62da7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220601/cc74d491/attachment.htm>
