[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 23 09:52:17 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09893385 by Salvatore Bonaccorso at 2022-11-23T10:51:51+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1532,9 +1532,9 @@ CVE-2022-45333
 CVE-2022-45332
 	RESERVED
 CVE-2022-45331 (AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability ...)
-	TODO: check
+	NOT-FOR-US: AeroCMS
 CVE-2022-45330 (AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability ...)
-	TODO: check
+	NOT-FOR-US: AeroCMS
 CVE-2022-45329
 	RESERVED
 CVE-2022-45328
@@ -8318,7 +8318,7 @@ CVE-2022-43753 (A Improper Limitation of a Pathname to a Restricted Directory ('
 CVE-2022-43752 (** UNSUPPORTED WHEN ASSIGNED ** Oracle Solaris version 10 1/13, when u ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2022-43751 (McAfee Total Protection prior to version 16.0.49 contains an uncontrol ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2022-43750 (drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 ...)
 	{DLA-3173-1}
 	- linux 6.0.2-1
@@ -9828,7 +9828,7 @@ CVE-2022-43215 (Billing System Project v1.0 was discovered to contain a SQL inje
 CVE-2022-43214 (Billing System Project v1.0 was discovered to contain a SQL injection  ...)
 	NOT-FOR-US: Billing System Project
 CVE-2022-43213 (Billing System Project v1.0 was discovered to contain a SQL injection  ...)
-	TODO: check
+	NOT-FOR-US: Billing System Project
 CVE-2022-43212 (Billing System Project v1.0 was discovered to contain a SQL injection  ...)
 	NOT-FOR-US: Billing System Project
 CVE-2022-43211
@@ -16013,7 +16013,7 @@ CVE-2022-40772
 CVE-2022-40771
 	RESERVED
 CVE-2022-40770 (Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulner ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2022-40769 (profanity through 1.60 has only four billion possible RNG initializati ...)
 	NOT-FOR-US: profanity (not same as src:profanity)
 CVE-2022-40768 (drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local us ...)
@@ -21261,7 +21261,7 @@ CVE-2022-38726
 CVE-2022-38725
 	RESERVED
 CVE-2022-38724 (Silverstripe silverstripe/framework through 4.11.0, silverstripe/asset ...)
-	TODO: check
+	NOT-FOR-US: SilverStripe CMS
 CVE-2022-38723
 	RESERVED
 CVE-2022-38722
@@ -23039,7 +23039,7 @@ CVE-2022-2793 (Emerson Electric's Proficy Machine Edition Version 9.00 and prior
 CVE-2022-2792 (Emerson Electric's Proficy Machine Edition Version 9.00 and prior is v ...)
 	NOT-FOR-US: Emerson
 CVE-2022-2791 (Emerson Electric's Proficy Machine Edition Version 9.00 and prior is v ...)
-	TODO: check
+	NOT-FOR-US: Emerson Electric's Proficy Machine Edition
 CVE-2022-2790 (Emerson Electric's Proficy Machine Edition Version 9.00 and prior is v ...)
 	NOT-FOR-US: Emerson
 CVE-2022-2789 (Emerson Electric's Proficy Machine Edition Version 9.00 and prior is v ...)
@@ -23165,11 +23165,11 @@ CVE-2022-38149 (HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may e
 CVE-2022-38148 (Silverstripe silverstripe/framework through 4.11 allows SQL Injection. ...)
 	NOT-FOR-US: SilverStripe CMS
 CVE-2022-38147 (Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 o ...)
-	TODO: check
+	NOT-FOR-US: SilverStripe CMS
 CVE-2022-38146 (Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 o ...)
 	NOT-FOR-US: SilverStripe CMS
 CVE-2022-38145 (Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 o ...)
-	TODO: check
+	NOT-FOR-US: SilverStripe CMS
 CVE-2022-38133 (In JetBrains TeamCity before 2022.04.3 the private SSH key could be wr ...)
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2022-38132 (Command injection vulnerability in Linksys MR8300 router while Registr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/098933859d0beb653536b20d2cf5f90613490045

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/098933859d0beb653536b20d2cf5f90613490045
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221123/07804360/attachment.htm>

More information about the debian-security-tracker-commits mailing list