[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 7 21:25:19 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70d9379d by Salvatore Bonaccorso at 2022-06-07T22:24:46+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2947,19 +2947,19 @@ CVE-2022-31500 (In KNIME Analytics Platform below 4.6.0, the Windows installer s
 CVE-2022-31499
 	RESERVED
 CVE-2022-31498 (LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialo ...)
-	TODO: check
+	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31497
 	RESERVED
 CVE-2022-31496
 	RESERVED
 CVE-2022-31495 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page ...)
-	TODO: check
+	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31494 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS. ...)
-	TODO: check
+	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31493 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php acl_id XSS. ...)
 	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31492 (Cross Site scripting (XSS) vulnerability inLibreHealth EHR Base 2.0.0  ...)
-	TODO: check
+	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31491
 	RESERVED
 CVE-2022-31490
@@ -4014,7 +4014,7 @@ CVE-2022-31021
 CVE-2022-31020
 	RESERVED
 CVE-2022-31019 (Vapor is a server-side Swift HTTP web framework. When using automatic  ...)
-	TODO: check
+	NOT-FOR-US: Vapor
 CVE-2022-31018 (Play Framework is a web framework for Java and Scala. A denial of serv ...)
 	NOT-FOR-US: Play Framework
 CVE-2022-31017
@@ -4370,87 +4370,87 @@ CVE-2022-30751
 CVE-2022-30750
 	RESERVED
 CVE-2022-30749 (Improper access control vulnerability in Smart Things prior to 1.7.85. ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30748 (Unprotected dynamic receiver in Samsung Members prior to version 4.2.0 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30747 (PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85. ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30746 (Missing caller check in Smart Things prior to version 1.7.85.12 allows ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30745 (Improper access control vulnerability in Quick Share prior to version  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30744 (DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30743 (Improper privilege management vulnerability in Samsung Account prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30742 (Sensitive information exposure vulnerability in FmmExtraOperation of F ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30741 (Sensitive information exposure vulnerability in SimChangeAlertManger o ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30740 (Improper auto-fill algorithm in Samsung Internet prior to version 17.0 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30739 (Improper privilege management vulnerability in Samsung Account prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30738 (Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30737 (Implicit Intent hijacking vulnerability in Samsung Account prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30736 (Improper privilege management vulnerability in Samsung Account prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30735 (Improper privilege management vulnerability in Samsung Account prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30734 (Sensitive information exposure in Sign-out log in Samsung Account prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30733 (Sensitive information exposure in Sign-in log in Samsung Account prior ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30732 (Exposure of Sensitive Information vulnerability in Samsung Account pri ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30731 (Improper access control vulnerability in My Files prior to version 13. ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30730 (Improper authorization in Samsung Pass prior to 1.0.00.33 allows physi ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30729 (Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30728 (Information exposure vulnerability in ScanPool prior to SMR Jun-2022 R ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30727 (Improper handling of insufficient permissions vulnerability in addAppP ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30726 (Unprotected component vulnerability in DeviceSearchTrampoline in SecSe ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30725 (Broadcasting Intent including the BluetoothDevice object without prope ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30724 (Broadcasting Intent including the BluetoothDevice object without prope ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30723 (Broadcasting Intent including the BluetoothDevice object without prope ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30722 (Implicit Intent hijacking vulnerability in Samsung Account prior to SM ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30721 (Improper input validation check logic vulnerability in libsmkvextracto ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30720 (Improper input validation check logic vulnerability in libsmkvextracto ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30719 (Improper input validation check logic vulnerability in libsmkvextracto ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30718
 	RESERVED
 CVE-2022-30717 (Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30716 (Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast pri ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30715 (Improper access control vulnerability in DofViewer prior to SMR Jun-20 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30714 (Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30713 (Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30712 (Improper validation vulnerability in KfaOptions prior to SMR Jun-2022  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30711 (Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 R ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30710 (Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-30709 (Improper input validation check logic vulnerability in SECRIL prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-29888
 	RESERVED
 CVE-2022-25932
@@ -4542,7 +4542,7 @@ CVE-2022-30929
 CVE-2022-30928
 	RESERVED
 CVE-2022-30927 (A SQL injection vulnerability exists in Simple Task Scheduling System  ...)
-	TODO: check
+	NOT-FOR-US: Simple Task Scheduling System
 CVE-2022-30926
 	RESERVED
 CVE-2022-30925



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70d9379d4672f463e33218e97e254d18e948db29

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70d9379d4672f463e33218e97e254d18e948db29
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220607/d42a3444/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list