[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 4 07:56:02 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1040cdb by Salvatore Bonaccorso at 2022-06-04T08:55:34+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,13 +27,13 @@ CVE-2022-1993
 CVE-2022-1992
 	RESERVED
 CVE-2022-1991 (A vulnerability classified as problematic has been found in Fast Food  ...)
-	TODO: check
+	NOT-FOR-US: Fast Food Ordering System
 CVE-2022-1990
 	RESERVED
 CVE-2022-1989
 	RESERVED
 CVE-2022-1988 (Cross-site Scripting (XSS) - Generic in GitHub repository neorazorx/fa ...)
-	TODO: check
+	NOT-FOR-US: neorazorx/facturascripts
 CVE-2022-32274
 	RESERVED
 CVE-2022-32273
@@ -1209,7 +1209,7 @@ CVE-2022-1931 (Incorrect Synchronization in GitHub repository polonel/trudesk pr
 CVE-2022-1930
 	RESERVED
 CVE-2022-1929 (An exponential ReDoS (Regular Expression Denial of Service) can be tri ...)
-	TODO: check
+	NOT-FOR-US: devcert Nodejs module
 CVE-2022-1928 (Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gite ...)
 	- gitea <removed>
 CVE-2022-1927 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...)
@@ -1338,7 +1338,7 @@ CVE-2022-1904
 CVE-2022-1903
 	RESERVED
 CVE-2020-36528 (A vulnerability, which was classified as critical, was found in Platin ...)
-	TODO: check
+	NOT-FOR-US: Platinum Mobile
 CVE-2022-31763
 	RESERVED
 CVE-2022-31762
@@ -3306,13 +3306,13 @@ CVE-2022-31030
 CVE-2022-31029
 	RESERVED
 CVE-2022-31028 (MinIO is a multi-cloud object storage solution. Starting with version  ...)
-	TODO: check
+	NOT-FOR-US: MinIO
 CVE-2022-31027
 	RESERVED
 CVE-2022-31026
 	RESERVED
 CVE-2022-31025 (Discourse is an open source platform for community discussion. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2022-31024 (richdocuments is the repository for NextCloud Collabra, the app for Ne ...)
 	TODO: check
 CVE-2022-31023 (Play Framework is a web framework for Java and Scala. Verions prior to ...)
@@ -30592,11 +30592,11 @@ CVE-2022-0081
 CVE-2021-45984
 	RESERVED
 CVE-2021-45983 (NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution. ...)
-	TODO: check
+	NOT-FOR-US: NetScout
 CVE-2021-45982 (NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged ...)
-	TODO: check
+	NOT-FOR-US: NetScout
 CVE-2021-45981 (NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. ...)
-	TODO: check
+	NOT-FOR-US: NetScout
 CVE-2021-45980 (Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote atta ...)
 	NOT-FOR-US: Foxit
 CVE-2021-45979 (Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote atta ...)
@@ -42832,25 +42832,25 @@ CVE-2021-42895
 CVE-2021-42894
 	RESERVED
 CVE-2021-42893 (In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive in ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42892 (In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet withou ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42891 (In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive in ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42890 (TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42889 (In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive in ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42888 (TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42887 (In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sen ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42886 (TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vuln ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42885 (TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42884 (TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-42883
 	RESERVED
 CVE-2021-42882



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1040cdbf875c7e06a1f0b32c38a905c25fac9ad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1040cdbf875c7e06a1f0b32c38a905c25fac9ad
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220604/2aa8c3a5/attachment.htm>

More information about the debian-security-tracker-commits mailing list