[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon Jun 20 21:23:49 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be956265 by Salvatore Bonaccorso at 2022-06-20T22:23:20+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2022-2136
 CVE-2022-2135
 	RESERVED
 CVE-2022-2134 (Denial of Service in GitHub repository inventree/inventree prior to 0. ...)
-	TODO: check
+	NOT-FOR-US: inventree
 CVE-2022-2133
 	RESERVED
 CVE-2022-2132
@@ -45,7 +45,7 @@ CVE-2022-2132
 CVE-2022-2131
 	RESERVED
 CVE-2022-2130 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2022-XXXX [vlc issues fixed in 3.0.13]
 	- vlc 3.0.16-1
 	[buster] - vlc 3.0.17.4-0+deb10u1
@@ -441,7 +441,7 @@ CVE-2022-2129 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ..
 	NOTE: https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352
 	NOTE: https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d (v8.2.5126)
 CVE-2022-2128 (Unrestricted Upload of File with Dangerous Type in GitHub repository p ...)
-	TODO: check
+	NOT-FOR-US: Trudesk
 CVE-2022-2127
 	RESERVED
 CVE-2022-2126 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...)
@@ -4704,7 +4704,7 @@ CVE-2022-32206
 CVE-2022-32205
 	RESERVED
 CVE-2022-31734 (** Unsupported When Assigned ** Cisco Catalyst 2940 Series Switches pr ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-1976
 	RESERVED
 	- linux 5.18.5-1
@@ -5716,9 +5716,9 @@ CVE-2022-31796 (libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBi
 	NOTE: https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-31795 (An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu
 CVE-2022-31794 (An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu
 CVE-2022-1933
 	RESERVED
 CVE-2022-1932
@@ -7289,9 +7289,9 @@ CVE-2022-1826 (The Cross-Linker WordPress plugin through 3.0.1.9 does not have C
 CVE-2022-1825 (Cross-site Scripting (XSS) - Reflected in GitHub repository collective ...)
 	NOT-FOR-US: collectiveaccess/providence
 CVE-2022-1824 (An uncontrolled search path vulnerability in McAfee Consumer Product R ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2022-1823 (Improper privilege management vulnerability in McAfee Consumer Product ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2022-1822 (The Zephyr Project Manager plugin for WordPress is vulnerable to Refle ...)
 	NOT-FOR-US: Zephyr Project Manager plugin for WordPress
 CVE-2022-1821 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be9562651125bcad6a6602c22bc8e9e881b578c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be9562651125bcad6a6602c22bc8e9e881b578c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220620/6c72c716/attachment-0001.htm>
