[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 1 08:23:02 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8735fd26 by Salvatore Bonaccorso at 2022-11-01T09:22:39+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,9 +63,9 @@ CVE-2022-44533
 CVE-2022-44532
 	RESERVED
 CVE-2022-3785 (A vulnerability, which was classified as critical, has been found in A ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic Bento4 5 ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-3783 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2022-3782
@@ -4766,11 +4766,11 @@ CVE-2022-43357
 CVE-2022-43356
 	RESERVED
 CVE-2022-43355 (Sanitization Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Sanitization Management System
 CVE-2022-43354 (Sanitization Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Sanitization Management System
 CVE-2022-43353 (Sanitization Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Sanitization Management System
 CVE-2022-43352
 	RESERVED
 CVE-2022-43351
@@ -5176,7 +5176,7 @@ CVE-2022-43154
 CVE-2022-43153
 	RESERVED
 CVE-2022-43152 (tsMuxer v2.6.16 was discovered to contain a heap overflow via the func ...)
-	TODO: check
+	NOT-FOR-US: tsMuxer
 CVE-2022-43151 (timg v1.4.4 was discovered to contain a memory leak via the function t ...)
 	TODO: check
 CVE-2022-43150
@@ -5843,11 +5843,11 @@ CVE-2022-42927
 CVE-2022-42926
 	RESERVED
 CVE-2022-42925 (There is a vulnerability on Forma LMS version 3.1.0 and earlier that c ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-42924 (Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL inje ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-42923 (Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL inje ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-42922
 	RESERVED
 CVE-2022-42921
@@ -8542,15 +8542,15 @@ CVE-2022-41810
 CVE-2022-41809
 	RESERVED
 CVE-2022-41779 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41778
 	RESERVED
 CVE-2022-41776 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41773 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
 	NOT-FOR-US: DIAEnergie
 CVE-2022-41772 (Delta Electronics InfraSuite Device Master Versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41702 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
 	NOT-FOR-US: DIAEnergie
 CVE-2022-41701 (The affected product DIAEnergie (versions prior to v1.9.01.002) is vul ...)
@@ -8558,11 +8558,11 @@ CVE-2022-41701 (The affected product DIAEnergie (versions prior to v1.9.01.002)
 CVE-2022-41697
 	RESERVED
 CVE-2022-41688 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41683
 	RESERVED
 CVE-2022-41657 (Delta Electronics InfraSuite Device Master Versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41654
 	RESERVED
 CVE-2022-41653
@@ -8572,11 +8572,11 @@ CVE-2022-41651 (The affected product DIAEnergie (versions prior to v1.9.01.002)
 CVE-2022-41648 (The HEIDENHAIN Controller TNC 640, version 340590 07 SP5, running HERO ...)
 	NOT-FOR-US: HEIDENHAIN Controller TNC 640
 CVE-2022-41644 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41636 (Communication traffic involving "Ethernet Q Commands" service of Haas  ...)
 	NOT-FOR-US: Haas Controller
 CVE-2022-41629 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-41627 (The physical IoT device of the AliveCor's KardiaMobile, a smartphone-b ...)
 	TODO: check
 CVE-2022-41613
@@ -8598,7 +8598,7 @@ CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in Alive
 CVE-2022-40204
 	RESERVED
 CVE-2022-40202 (The database backup function in Delta Electronics InfraSuite Device Ma ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-40201
 	RESERVED
 CVE-2022-40190 (SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflec ...)
@@ -8606,7 +8606,7 @@ CVE-2022-40190 (SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to
 CVE-2022-38355
 	RESERVED
 CVE-2022-38142 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-3361
 	RESERVED
 CVE-2022-3360 (The LearnPress WordPress plugin before 4.1.7.2 unserialises user input ...)
@@ -8811,11 +8811,11 @@ CVE-2022-41689
 CVE-2022-41682
 	RESERVED
 CVE-2022-41681 (There is a vulnerability on Forma LMS version 3.1.0 and earlier that c ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-41680 (Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL inje ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-41679 (Forma LMS version 3.1.0 and earlier are affected by an Cross-Site scri ...)
-	TODO: check
+	NOT-FOR-US: Forma LMS
 CVE-2022-41678
 	RESERVED
 CVE-2022-41677
@@ -9282,9 +9282,9 @@ CVE-2022-3301 (Improper Cleanup on Thrown Exception in GitHub repository ikus060
 CVE-2022-3300 (The Form Maker by 10Web WordPress plugin before 1.15.6 does not proper ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-41553 (Insertion of Sensitive Information into Temporary File vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2022-41552 (Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastruc ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2022-41551
 	RESERVED
 CVE-2022-41550 (GNU oSIP v5.3.0 was discovered to contain an integer overflow via the  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8735fd269e7cbe5f7edeabbc293dc67c503e2c87

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8735fd269e7cbe5f7edeabbc293dc67c503e2c87
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221101/ae4d8a9a/attachment.htm>

More information about the debian-security-tracker-commits mailing list