[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ca2ff50 by Neil Williams at 2022-05-26T08:32:52+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23219,7 +23219,7 @@ CVE-2022-23777
 CVE-2022-23776
 	RESERVED
 CVE-2022-23775 (TrueStack Direct Connect 1.4.7 has Incorrect Access Control. ...)
-	TODO: check
+	NOT-FOR-US: TrueStack
 CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...)
 	NOT-FOR-US: Docker Desktop
 CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret  ...)
@@ -33319,7 +33319,7 @@ CVE-2021-44721
 CVE-2021-44720
 	RESERVED
 CVE-2021-44719 (Docker Desktop 4.3.0 has Incorrect Access Control. ...)
-	TODO: check
+	NOT-FOR-US: Docker Desktop on MacOS
 CVE-2021-44718
 	RESERVED
 	- wolfssl 5.1.1-1
@@ -60607,7 +60607,7 @@ CVE-2021-35489 (Thruk 2.40-2 allows /thruk/#cgi-bin/extinfo.cgi?type=2&host=
 CVE-2021-35488 (Thruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&titl ...)
 	NOT-FOR-US: Thruk
 CVE-2021-35487 (Nokia Broadcast Message Center through 11.1.0 allows an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: Nokia Broadcast Message Center
 CVE-2021-35486
 	RESERVED
 CVE-2021-35485
@@ -66566,7 +66566,7 @@ CVE-2021-32999 (Improper handling of exceptional conditions in SuiteLink server
 CVE-2021-32998 (The FANUC R-30iA and R-30iB series controllers are vulnerable to an ou ...)
 	NOT-FOR-US: FANUC
 CVE-2021-32997 (The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x,  ...)
-	TODO: check
+	NOT-FOR-US: Baker Hughes Bentley Nevada
 CVE-2021-32996 (The FANUC R-30iA and R-30iB series controllers are vulnerable to integ ...)
 	NOT-FOR-US: FANUC
 CVE-2021-32995 (Cscape (All Versions prior to 9.90 SP5) lacks proper validation of use ...)
@@ -66582,7 +66582,7 @@ CVE-2021-32991 (Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerab
 CVE-2021-32990 (FATEK Automation WinProladder Versions 3.30 and prior are vulnerable t ...)
 	NOT-FOR-US: FATEK Automation WinProladder
 CVE-2021-32989 (When a non-existent resource is requested, the LCDS LAquis SCADA appli ...)
-	TODO: check
+	NOT-FOR-US: LAquis SCADA
 CVE-2021-32988 (FATEK Automation WinProladder Versions 3.30 and prior are vulnerable t ...)
 	NOT-FOR-US: FATEK Automation WinProladder
 CVE-2021-32987 (Null pointer dereference in SuiteLink server while processing command  ...)
@@ -66628,7 +66628,7 @@ CVE-2021-32968 (Two buffer overflows in the built-in web server in Moxa NPort IA
 CVE-2021-32967 (Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an atta ...)
 	NOT-FOR-US: Delta Electronics
 CVE-2021-32966 (Philips Interoperability Solution XDS versions 2.5 through 3.11 and 20 ...)
-	TODO: check
+	NOT-FOR-US: Philips Interoperability
 CVE-2021-32965 (Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to  ...)
 	NOT-FOR-US: Delta Electronics
 CVE-2021-32964 (The AGG Software Web Server version 4.0.40.1014 and prior is vulnerabl ...)
@@ -80365,7 +80365,7 @@ CVE-2021-27785
 CVE-2021-27784
 	RESERVED
 CVE-2021-27783 (User generated PPKG file for Bulk Enroll may have unencrypted sensitiv ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27782
 	RESERVED
 CVE-2021-27781



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ca2ff50feb8a158a3825b4a3a43e19134b6b7c2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ca2ff50feb8a158a3825b4a3a43e19134b6b7c2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220526/2b0c7532/attachment.htm>