[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 23 21:38:58 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
822657a6 by Salvatore Bonaccorso at 2022-06-23T22:38:33+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7581,7 +7581,7 @@ CVE-2022-31397
 CVE-2022-31396
 	RESERVED
 CVE-2022-31395 (Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware  ...)
-	TODO: check
+	NOT-FOR-US: Algo Communication Products
 CVE-2022-31394
 	RESERVED
 CVE-2022-31393 (Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forger ...)
@@ -8502,7 +8502,7 @@ CVE-2022-31011 (TiDB is an open-source NewSQL database that supports Hybrid Tran
 CVE-2022-31010
 	RESERVED
 CVE-2022-31009 (wire-ios is an iOS client for the Wire secure messaging application. I ...)
-	TODO: check
+	NOT-FOR-US: wire-ios
 CVE-2022-31008
 	RESERVED
 CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research teams. Prio ...)
@@ -9117,7 +9117,7 @@ CVE-2022-30876
 CVE-2022-30875 (Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Er ...)
 	- dolibarr <removed>
 CVE-2022-30874 (There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet ...)
-	TODO: check
+	NOT-FOR-US: NukeViet CMS
 CVE-2022-30873
 	RESERVED
 CVE-2022-30872
@@ -10717,7 +10717,7 @@ CVE-2022-1598 (The WPQA Builder WordPress plugin before 5.4 which is a companion
 CVE-2022-1597 (The WPQA Builder WordPress plugin before 5.4, used as a companion for  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1596 (Incorrect Permission Assignment for Critical Resource vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ABB REX640
 CVE-2022-1595 (The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1594 (The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have  ...)
@@ -20752,11 +20752,11 @@ CVE-2022-26866 (Dell PowerStore Versions before v2.1.1.0. contains a Stored Cros
 CVE-2022-26865 (Dell Support Assist OS Recovery versions before 5.5.2 contain an Authe ...)
 	NOT-FOR-US: Dell SupportAssist
 CVE-2022-26864 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-26863 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-26862 (Prior Dell BIOS versions contain an Input Validation vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-26861
 	RESERVED
 CVE-2022-26860
@@ -47274,7 +47274,7 @@ CVE-2022-20653 (A vulnerability in the DNS-based Authentication of Named Entitie
 CVE-2022-20652
 	RESERVED
 CVE-2022-20651 (A vulnerability in the logging component of Cisco Adaptive Security De ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20650 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20649
@@ -51969,7 +51969,7 @@ CVE-2021-41926
 CVE-2021-41925
 	RESERVED
 CVE-2021-41924 (Webkul krayin crm before 1.2.2 is vulnerable to Cross Site Scripting ( ...)
-	TODO: check
+	NOT-FOR-US: Webkul krayin crm
 CVE-2021-41923
 	RESERVED
 CVE-2021-41922
@@ -53212,7 +53212,7 @@ CVE-2021-41434
 CVE-2021-41433
 	RESERVED
 CVE-2021-41432 (A stored cross-site scripting (XSS) vulnerability exists in FlatPress  ...)
-	TODO: check
+	NOT-FOR-US: FlatPress
 CVE-2021-41431
 	RESERVED
 CVE-2021-41430
@@ -54432,11 +54432,11 @@ CVE-2021-40958
 CVE-2021-40957
 	RESERVED
 CVE-2021-40956 (LaiKetui v3.5.0 has SQL injection in the background through the menu m ...)
-	TODO: check
+	NOT-FOR-US: LaiKetui
 CVE-2021-40955 (SQL injection exists in LaiKetui v3.5.0 the background administrator l ...)
-	TODO: check
+	NOT-FOR-US: LaiKetui
 CVE-2021-40954 (Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability t ...)
-	TODO: check
+	NOT-FOR-US: LaiKetui
 CVE-2021-40953
 	RESERVED
 CVE-2021-40952



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/822657a6b21ee0bb126af8c05b078c5a803c99e0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/822657a6b21ee0bb126af8c05b078c5a803c99e0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220623/5d5d0734/attachment.htm>


More information about the debian-security-tracker-commits mailing list