[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 14 21:44:53 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0b5d844 by Salvatore Bonaccorso at 2022-06-14T22:42:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5141,13 +5141,13 @@ CVE-2022-31313 (api-res-py package in PyPI 0.1 is vulnerable to a code execution
 CVE-2022-31312
 	RESERVED
 CVE-2022-31311 (An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allow ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2022-31310
 	RESERVED
 CVE-2022-31309 (A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5 ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2022-31308 (A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V503 ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2022-31307
 	RESERVED
 CVE-2022-31306
@@ -5185,7 +5185,7 @@ CVE-2022-31291
 CVE-2022-31290
 	RESERVED
 CVE-2022-31289 (https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3 ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager OSS
 CVE-2022-31288
 	RESERVED
 CVE-2022-31287 (An issue was discovered in Bento4 v1.2. There is an allocation size re ...)
@@ -5217,7 +5217,7 @@ CVE-2022-31275
 CVE-2022-31274
 	RESERVED
 CVE-2022-31273 (An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smp ...)
-	TODO: check
+	NOT-FOR-US: TopIDP3000 Topsec Operating System
 CVE-2022-31272
 	RESERVED
 CVE-2022-31271
@@ -5802,9 +5802,9 @@ CVE-2022-31042 (Guzzle is an open source PHP HTTP client. In affected versions t
 	NOTE: https://github.com/guzzle/guzzle/security/advisories/GHSA-f2wf-25xc-69c9
 	NOTE: https://github.com/guzzle/guzzle/commit/e3ff079b22820c2029d4c2a87796b6a0b8716ad8 (7.4.4)
 CVE-2022-31041 (Open Forms is an application for creating and publishing smart forms.  ...)
-	TODO: check
+	NOT-FOR-US: Open Forms
 CVE-2022-31040 (Open Forms is an application for creating and publishing smart forms.  ...)
-	TODO: check
+	NOT-FOR-US: Open Forms
 CVE-2022-31039
 	RESERVED
 CVE-2022-31038 (Gogs is an open source self-hosted Git service. In versions of gogs pr ...)
@@ -6189,7 +6189,7 @@ CVE-2022-30939
 CVE-2022-30938
 	RESERVED
 CVE-2022-30937 (A vulnerability has been identified in EN100 Ethernet module DNP3 IP v ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-30792
 	RESERVED
 CVE-2022-30791
@@ -6379,9 +6379,9 @@ CVE-2022-30933
 CVE-2022-30932
 	RESERVED
 CVE-2022-30931 (Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross  ...)
-	TODO: check
+	NOT-FOR-US: Employee Leaves Management System (ELMS)
 CVE-2022-30930 (Tourism Management System Version: V 3.2 is affected by: Cross Site Re ...)
-	TODO: check
+	NOT-FOR-US: Tourism Management System Version
 CVE-2022-30929
 	RESERVED
 CVE-2022-30928
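Review bot: The label added for CVE-2022-30930 reads "Tourism Management System Version", and the trailing "Version" looks carried over from the description text "Tourism Management System Version: V 3.2" rather than being part of the product name. Suggest "NOT-FOR-US: Tourism Management System", in line with the ELMS entry just above it, which names the product without its version field.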
@@ -6435,7 +6435,7 @@ CVE-2022-30905
 CVE-2022-30904
 	RESERVED
 CVE-2022-30903 (Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA ...)
-	TODO: check
+	NOT-FOR-US: Nokia "G-2425G-A" Bharti Airtel Routers Hardware
 CVE-2022-30902
 	RESERVED
 CVE-2022-30901
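Review bot: The label on CVE-2022-30903 ends in "Hardware", which appears to be the first word of "Hardware version" in the description rather than part of the product name. Suggest trimming it to the vendor and model, or to the vendor alone as the Siemens and Festo entries in this same commit do, so the NOT-FOR-US string stays a stable name to search for.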
@@ -7999,13 +7999,13 @@ CVE-2022-30313
 CVE-2022-30312
 	RESERVED
 CVE-2022-30311 (In Festo Controller CECC-X-M1 product family in multiple versions, the ...)
-	TODO: check
+	NOT-FOR-US: Festo
 CVE-2022-30310 (In Festo Controller CECC-X-M1 product family in multiple versions, the ...)
-	TODO: check
+	NOT-FOR-US: Festo
 CVE-2022-30309 (In Festo Controller CECC-X-M1 product family in multiple versions, the ...)
-	TODO: check
+	NOT-FOR-US: Festo
 CVE-2022-30308 (In Festo Controller CECC-X-M1 product family in multiple versions, the ...)
-	TODO: check
+	NOT-FOR-US: Festo
 CVE-2022-30307
 	RESERVED
 CVE-2022-30306
@@ -8247,13 +8247,13 @@ CVE-2022-30233 (A CWE-20: Improper Input Validation vulnerability exists that co
 CVE-2022-30232 (A CWE-20: Improper Input Validation vulnerability exists that could ca ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2022-30231 (A vulnerability has been identified in SICAM GridEdge Essential ARM (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-30230 (A vulnerability has been identified in SICAM GridEdge Essential ARM (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-30229 (A vulnerability has been identified in SICAM GridEdge Essential ARM (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-30228 (A vulnerability has been identified in SICAM GridEdge Essential ARM (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-1584 (Reflected XSS in GitHub repository microweber/microweber prior to 1.2. ...)
 	NOT-FOR-US: microweber
 CVE-2022-1583 (The External Links in New Window / New Tab WordPress plugin before 1.4 ...)
@@ -9684,7 +9684,7 @@ CVE-2022-29790 (The graphics acceleration service has a vulnerability in multi-t
 CVE-2022-29789 (The HiAIserver has a vulnerability in verifying the validity of the pr ...)
 	NOT-FOR-US: Huawei
 CVE-2022-27174 (Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CU ...)
-	TODO: check
+	NOT-FOR-US: EC-CUBE
 CVE-2022-1465 (The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1464 (Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the  ...)
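Review bot: The bare "EC-CUBE" label on CVE-2022-27174 names the platform, while the (truncated) description puts the CSRF in "Easy Blog for EC-CU ...", which reads as an add-on for it. A label that says so, in the way the neighbouring entries use "WordPress plugin", would make clear the triage decision covers the add-on and not the platform itself.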
@@ -10612,7 +10612,7 @@ CVE-2022-1388 (On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions p
 CVE-2022-29456
 	RESERVED
 CVE-2022-29455 (DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elemen ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-29454
 	RESERVED
 CVE-2022-29453
@@ -11747,7 +11747,7 @@ CVE-2022-29036 (Jenkins Credentials Plugin 1111.v35a_307992395 and earlier, exce
 CVE-2022-29035 (In JetBrains Ktor Native before version 2.0.0 random values used for n ...)
 	NOT-FOR-US: JetBrains Ktor
 CVE-2022-29034 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-29033 (A vulnerability has been identified in JT2Go (All versions < V13.3. ...)
 	NOT-FOR-US: JT2Go / Siemens
 CVE-2022-29032 (A vulnerability has been identified in JT2Go (All versions < V13.3. ...)
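Review bot: Style point on CVE-2022-29034: the new label is vendor-only ("Siemens"), while the unchanged entries directly below use the "JT2Go / Siemens" product/vendor form. The description names SINEMA Remote Connect Server, so either form is defensible, but mixing both for one vendor makes later searches by product less reliable. Consider picking one form for the Siemens entries touched in this commit.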



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0b5d844b4d723dbf799b55773f3bf7b04b34845
