[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu May 26 10:09:49 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7743914 by Neil Williams at 2022-05-26T10:09:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7651,7 +7651,7 @@ CVE-2022-29001 (In SpringBootMovie <=1.2, the uploaded file suffix parameter
 CVE-2022-29000
 	RESERVED
 CVE-2022-28999 (Insecure permissions in the install directories and binaries of Dev-CP ...)
-	TODO: check
+	NOT-FOR-US: Bloodshed Dev-C++
 CVE-2022-28998 (Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer ove ...)
 	NOT-FOR-US: Xlight FTP
 CVE-2022-28997 (CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forger ...)
@@ -7944,7 +7944,7 @@ CVE-2022-28877
 CVE-2022-28876
 	RESERVED
 CVE-2022-28875 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...)
-	TODO: check
+	NOT-FOR-US: F-Secure
 CVE-2022-28874 (Multiple Denial-of-Service vulnerabilities was discovered in the F-Sec ...)
 	NOT-FOR-US: F-Secure
 CVE-2022-28873 (A vulnerability affecting F-Secure SAFE browser was discovered. An att ...)
@@ -7970,7 +7970,7 @@ CVE-2022-28864
 CVE-2022-28863
 	RESERVED
 CVE-2022-28862 (In Archibus Web Central before 26.2, multiple SQL Injection vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: ARCHIBUS Web Central
 CVE-2022-28861
 	RESERVED
 CVE-2022-28860
@@ -25881,7 +25881,7 @@ CVE-2022-23052 (PeteReport Version 0.5 contains a Cross Site Request Forgery (CS
 CVE-2022-23051 (PeteReport Version 0.5 allows an authenticated admin user to inject pe ...)
 	NOT-FOR-US: PeteReport
 CVE-2022-23050 (ManageEngine AppManager15 (Build No:15510) allows an authenticated adm ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine Applications Manager
 CVE-2022-23049 (Exponent CMS 2.6.0patch2 allows an authenticated user to inject persis ...)
 	NOT-FOR-US: Exponent CMS
 CVE-2022-23048 (Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7743914651369f942a40bdf50820da7e08f739c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7743914651369f942a40bdf50820da7e08f739c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220526/c824ff7a/attachment.htm>

More information about the debian-security-tracker-commits mailing list