[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu May 26 14:00:17 BST 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7de3cb9d by Neil Williams at 2022-05-26T14:00:00+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6613,7 +6613,7 @@ CVE-2022-29351 (An arbitrary file upload vulnerability in the file upload module
 CVE-2022-29350
 	RESERVED
 CVE-2022-29349 (kkFileView v4.0.0 was discovered to contain a cross-site scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: kkFileview
 CVE-2022-29348
 	RESERVED
 CVE-2022-29347 (An arbitrary file upload vulnerability in Web at rchiv 1.0 allows attacke ...)
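Review bot: the label added for CVE-2022-29349 is spelled `kkFileview`, while the CVE description on the line above it spells the product `kkFileView`. Suggest matching the description's casing, so that a case-sensitive search of the list for the product name finds this entry when a later CVE for the same product is triaged.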
@@ -6647,15 +6647,15 @@ CVE-2022-29339 (In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in
 CVE-2022-29338
 	RESERVED
 CVE-2022-29337 (C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command ...)
-	TODO: check
+	NOT-FOR-US: CDATA
 CVE-2022-29336
 	RESERVED
 CVE-2022-29335
 	RESERVED
 CVE-2022-29334 (An issue in H v1.0 allows attackers to bypass authentication via a ses ...)
-	TODO: check
+	NOT-FOR-US: SiJiDo/H
 CVE-2022-29333 (A vulnerability in CyberLink Power Director v14 allows attackers to es ...)
-	TODO: check
+	NOT-FOR-US: CyberLink PowerDirector
 CVE-2022-29332 (D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An atta ...)
 	NOT-FOR-US: D-LINK
 CVE-2022-29331
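Review bot: `NOT-FOR-US: CDATA` on CVE-2022-29337 drops the hyphen from the vendor name that the description gives as `C-DATA`; suggest `NOT-FOR-US: C-DATA`. The CVE-2022-29333 label has the same kind of mismatch (`CyberLink PowerDirector` against `CyberLink Power Director` in the description), so it is worth settling on one spelling per product and keeping the label searchable by the name the description uses.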
@@ -6711,7 +6711,7 @@ CVE-2022-29307 (IonizeCMS v1.0.8.1 was discovered to contain a command injection
 CVE-2022-29306 (IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerabi ...)
 	NOT-FOR-US: Ionize CMS
 CVE-2022-29305 (imgurl v2.31 was discovered to contain a Blind SQL injection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: imgURL
 CVE-2022-29304 (Online Sports Complex Booking System 1.0 is vulnerable to SQL Injectio ...)
 	NOT-FOR-US: Sourcecodester Online Sports Complex Booking System
 CVE-2022-29303 (SolarView Compact ver.6.00 was discovered to contain a command injecti ...)
@@ -6913,7 +6913,7 @@ CVE-2022-29258
 CVE-2022-29257
 	RESERVED
 CVE-2022-29256 (sharp is an application for Node.js image processing. Prior to version ...)
-	TODO: check
+	NOT-FOR-US: lovell/sharp
 CVE-2022-29255
 	RESERVED
 CVE-2022-29254
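Review bot: the label `lovell/sharp` on CVE-2022-29256 uses a repository-style owner/name, while unchanged entries elsewhere in this diff label by product or vendor (`D-LINK`, `Ionize CMS`). Since the description already identifies sharp as a Node.js image processing module, a label that says so would tell the next triager what was ruled out without having to look up the repository.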
@@ -6927,7 +6927,7 @@ CVE-2022-29251 (XWiki Platform Flamingo Theme UI is a tool that allows customiza
 CVE-2022-29250
 	RESERVED
 CVE-2022-29249 (JavaEZ is a library that adds new functions to make Java easier. A wea ...)
-	TODO: check
+	NOT-FOR-US: JavaEZLib/JavaEZ
 CVE-2022-29248 (Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3  ...)
 	- guzzle <unfixed> (bug #1011636)
 	NOTE: https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3
@@ -6942,7 +6942,7 @@ CVE-2022-29244
 CVE-2022-29243
 	RESERVED
 CVE-2022-29242 (GOST engine is a reference implementation of the Russian GOST crypto a ...)
-	TODO: check
+	NOT-FOR-US: gost-engine/engine
 CVE-2022-29241
 	RESERVED
 CVE-2022-29240
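Review bot: CVE-2022-29242 is marked NOT-FOR-US, but its description calls GOST engine a reference implementation of a crypto component, which is a library rather than a hosted product or appliance like most other entries touched in this commit. Before this lands, confirm that no source package in the archive ships this engine; if one does, the entry needs a package line in the same form as the `- guzzle <unfixed> (bug #1011636)` entry under CVE-2022-29248 rather than an NFU.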
@@ -6952,7 +6952,7 @@ CVE-2022-29239
 CVE-2022-29238
 	RESERVED
 CVE-2022-29237 (Opencast is a free and open source solution for automated video captur ...)
-	TODO: check
+	NOT-FOR-US: Opencast
 CVE-2022-29236
 	RESERVED
 CVE-2022-29235



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7de3cb9d379f84e716072f099806b444d45a25a0
