[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 11 21:20:24 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34828be4 by Salvatore Bonaccorso at 2022-05-11T22:19:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1422,7 +1422,7 @@ CVE-2022-30042
 CVE-2022-30041
 	RESERVED
 CVE-2022-30040 (Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulne ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-30039
 	RESERVED
 CVE-2022-30038
@@ -2669,19 +2669,19 @@ CVE-2022-29618
 CVE-2022-29617
 	RESERVED
 CVE-2022-29616 (SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to l ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-29615
 	RESERVED
 CVE-2022-29614
 	RESERVED
 CVE-2022-29613 (Due to insufficient input validation, SAP Employee Self Service allows ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-29612
 	RESERVED
 CVE-2022-29611 (SAP NetWeaver Application Server for ABAP and ABAP Platform do not per ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-29610 (SAP NetWeaver Application Server ABAP allows an authenticated attacker ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-29609
 	RESERVED
 CVE-2022-29608
@@ -4919,7 +4919,7 @@ CVE-2022-28776 (Improper access control vulnerability in Galaxy Store prior to v
 CVE-2022-28775 (Improper access control vulnerability in Samsung Flow prior to version ...)
 	NOT-FOR-US: Samsung
 CVE-2022-28774 (Under certain conditions, the SAP Host Agent logfile shows information ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-28773 (Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Interne ...)
 	NOT-FOR-US: SAP
 CVE-2022-28772 (By overlong input values an attacker may force overwrite of the intern ...)
@@ -6588,7 +6588,7 @@ CVE-2022-28216 (SAP BusinessObjects Business Intelligence Platform (BI Workspace
 CVE-2022-28215 (SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787,  ...)
 	NOT-FOR-US: SAP
 CVE-2022-28214 (During an update of SAP BusinessObjects Enterprise, Central Management ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-28213 (When a user access SOAP Web services in SAP BusinessObjects Business I ...)
 	NOT-FOR-US: SAP
 CVE-2022-28212
@@ -8182,7 +8182,7 @@ CVE-2022-27658 (Under certain conditions, SAP Innovation management - version 2.
 CVE-2022-27657 (A highly privileged remote attacker, can gain unauthorized access to d ...)
 	NOT-FOR-US: SAP
 CVE-2022-27656 (The Web administration UI of SAP Web Dispatcher and the Internet Commu ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2022-27655 (When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) receive ...)
 	NOT-FOR-US: SAP
 CVE-2022-27654 (When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) rece ...)
@@ -24997,7 +24997,7 @@ CVE-2022-22322 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-si
 CVE-2022-22321 (IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with  ...)
 	NOT-FOR-US: IBM
 CVE-2022-22320 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22319 (IBM Robotic Process Automation 21.0.1 could allow a register user on t ...)
 	NOT-FOR-US: IBM
 CVE-2022-22318
@@ -48511,7 +48511,7 @@ CVE-2021-39061
 CVE-2021-39060
 	RESERVED
 CVE-2021-39059 (IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-39058 (IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than  ...)
 	NOT-FOR-US: IBM
 CVE-2021-39057 (IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to s ...)
@@ -48691,7 +48691,7 @@ CVE-2021-38971 (IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.
 CVE-2021-38970
 	RESERVED
 CVE-2021-38969 (IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-38968
 	RESERVED
 CVE-2021-38967 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged use ...)
@@ -51660,7 +51660,7 @@ CVE-2021-37853
 CVE-2021-37852 (ESET products for Windows allows untrusted process to impersonate the  ...)
 	NOT-FOR-US: ESET
 CVE-2021-37851 (Local privilege escalation in Windows products of ESET allows user who ...)
-	TODO: check
+	NOT-FOR-US: ESET
 CVE-2021-37850 (ESET was made aware of a vulnerability in its consumer and business pr ...)
 	NOT-FOR-US: ESET
 CVE-2021-37849



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34828be48c9d6da53504473cc907a0bffc866f0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34828be48c9d6da53504473cc907a0bffc866f0d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220511/7fa2acae/attachment.htm>

More information about the debian-security-tracker-commits mailing list