[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
932d6085 by Neil Williams at 2022-05-13T09:55:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23923,11 +23923,11 @@ CVE-2022-22800
 CVE-2022-22799
 	RESERVED
 CVE-2022-22798 (Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Contro ...)
-	TODO: check
+	NOT-FOR-US: SysAid Help Desk
 CVE-2022-22797 (Sysaid – sysaid Open Redirect - An Attacker can change the redir ...)
-	TODO: check
+	NOT-FOR-US: SysAid Help Desk
 CVE-2022-22796 (Sysaid – Sysaid System Takeover - An attacker can bypass the aut ...)
-	TODO: check
+	NOT-FOR-US: SysAid Help Desk
 CVE-2022-22795 (Signiant - Manager+Agents XML External Entity (XXE) - Extract internal ...)
 	NOT-FOR-US: Signiant Manager+Agents
 CVE-2022-22794 (Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker c ...)
@@ -45562,7 +45562,7 @@ CVE-2021-40400 (An out-of-bounds read vulnerability exists in the RS-274X apertu
 	NOTE: https://github.com/gerbv/gerbv/issues/79
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1413
 CVE-2021-40399 (An exploitable use-after-free vulnerability exists in WPS Spreadsheets ...)
-	TODO: check
+	NOT-FOR-US: WPS Office
 CVE-2021-40398 (An out-of-bounds write vulnerability exists in the parse_raster_data f ...)
 	NOT-FOR-US: Accusoft ImageGear
 CVE-2021-40397 (A privilege escalation vulnerability exists in the installation of Adv ...)
@@ -77578,7 +77578,7 @@ CVE-2021-27779
 CVE-2021-27778
 	RESERVED
 CVE-2021-27777 (XML External Entity (XXE) injection vulnerabilities occur when poorly  ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27776
 	RESERVED
 CVE-2021-27775
@@ -77586,17 +77586,17 @@ CVE-2021-27775
 CVE-2021-27774
 	RESERVED
 CVE-2021-27773 (This vulnerability allows users to execute a clickjacking attack in th ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27772 (Users are able to read group conversations without actively taking par ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27771 (User SID can be modified resulting in an Arbitrary File Upload or dele ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27770 (The vulnerability was discovered within the “FaviconService&#822 ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27769 (Information leakage occurs when a website reveals information that cou ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27768 (Using the ability to perform a Man-in-the-Middle (MITM) attack, which  ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27767 (The BigFix Console installer is created with InstallShield, which was  ...)
 	NOT-FOR-US: HCL
 CVE-2021-27766 (The BigFix Client installer is created with InstallShield, which was a ...)
@@ -90291,7 +90291,7 @@ CVE-2021-22533
 CVE-2021-22532
 	RESERVED
 CVE-2021-22531 (A bug exist in the input parameter of Access Manager that allows suppl ...)
-	TODO: check
+	NOT-FOR-US: Microfocus
 CVE-2021-22530
 	RESERVED
 CVE-2021-22529
@@ -120668,13 +120668,13 @@ CVE-2020-22989
 CVE-2020-22988
 	RESERVED
 CVE-2020-22987 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.1 ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2020-22986 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.1 ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2020-22985 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.1 ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2020-22984 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.1 ...)
-	TODO: check
+	NOT-FOR-US: Microstrategy Web
 CVE-2020-22983
 	RESERVED
 CVE-2020-22982



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932d60852a6e16091979d11df138996e0020fc82

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/932d60852a6e16091979d11df138996e0020fc82
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220513/0265c647/attachment.htm>