[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 24 09:46:05 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b57dcfa by Salvatore Bonaccorso at 2022-05-24T10:45:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -699,7 +699,7 @@ CVE-2022-1821
 CVE-2022-1820
 	RESERVED
 CVE-2022-1819 (A vulnerability, which was classified as problematic, was found in Stu ...)
-	TODO: check
+	NOT-FOR-US: Student Information System
 CVE-2022-1818
 	RESERVED
 CVE-2022-1817 (A vulnerability, which was classified as problematic, was found in Bad ...)
@@ -4058,7 +4058,7 @@ CVE-2022-30017 (Rescue Dispatch Management System 1.0 suffers from Stored XSS, l
 CVE-2022-30016 (Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Acces ...)
 	NOT-FOR-US: Rescue Dispatch Management System
 CVE-2022-30015 (In Simple Food Website 1.0, a moderation can put the Cross Site Script ...)
-	TODO: check
+	NOT-FOR-US: Simple Food Website
 CVE-2022-30014 (Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site ...)
 	NOT-FOR-US: Lumidek Associates Simple Food Website
 CVE-2022-30013 (A stored cross-site scripting (XSS) vulnerability in the upload functi ...)
@@ -6008,7 +6008,7 @@ CVE-2022-29379
 CVE-2022-29378
 	RESERVED
 CVE-2022-29377 (Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a st ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2022-29376 (Xampp for Windows v8.1.4 and below was discovered to contain insecure  ...)
 	TODO: check
 CVE-2022-29375
@@ -6154,7 +6154,7 @@ CVE-2022-29311
 CVE-2022-29310
 	RESERVED
 CVE-2022-29309 (mysiteforme v2.2.1 was discovered to contain a Server-Side Request For ...)
-	TODO: check
+	NOT-FOR-US: mysiteforme
 CVE-2022-29308
 	RESERVED
 CVE-2022-29307 (IonizeCMS v1.0.8.1 was discovered to contain a command injection vulne ...)
@@ -14054,9 +14054,9 @@ CVE-2022-0874 (The WP Social Buttons WordPress plugin through 2.1 does not sanit
 CVE-2022-0873 (The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-26532 (A argument injection vulnerability in the 'packet-trace' CLI command o ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2022-26531 (Multiple improper input validation flaws were identified in some CLI c ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2022-26530 (swaylock before 1.6 allows attackers to trigger a crash and achieve un ...)
 	- swaylock 1.6-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2066596
@@ -16190,7 +16190,7 @@ CVE-2022-25763
 CVE-2022-21182 (A privilege escalation vulnerability exists in the router configuratio ...)
 	NOT-FOR-US: InHand Networks InRouter302
 CVE-2022-0734 (A cross-site scripting vulnerability was identified in the CGI program ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2022-0733
 	RESERVED
 CVE-2022-0732 (The backend infrastructure shared by multiple mobile device monitoring ...)
@@ -66344,7 +66344,7 @@ CVE-2021-32960 (Rockwell Automation FactoryTalk Services Platform v6.11 and earl
 CVE-2021-32959 (Heap-based buffer overflow in SuiteLink server while processing comman ...)
 	NOT-FOR-US: Suitelink
 CVE-2021-32958 (Successful exploitation of this vulnerability on Claroty Secure Remote ...)
-	TODO: check
+	NOT-FOR-US: Claroty Secure Remote Access (SRA) Site
 CVE-2021-32957 (A function in MDT AutoSave versions prior to v6.02.06 is used to retri ...)
 	NOT-FOR-US: Auvesy-MDT
 CVE-2021-32956 (Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to re ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b57dcfa0104235a2b470ef7e0bd3f84c5d12718

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b57dcfa0104235a2b470ef7e0bd3f84c5d12718
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220524/a78c0dc5/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list