[Git][security-tracker-team/security-tracker][master] Process NFUs

Thu Nov 24 20:23:44 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b457516d by Salvatore Bonaccorso at 2022-11-24T21:23:16+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -44,7 +44,7 @@ CVE-2022-45867
 CVE-2022-45866 (qpress before PierreLvx/qpress 20220819 and before version 11.3, as us ...)
 	NOT-FOR-US: qpress
 CVE-2022-4136 (Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4 ...)
-	TODO: check
+	NOT-FOR-US: leadshop
 CVE-2022-4135
 	RESERVED
 CVE-2022-4134
@@ -933,11 +933,11 @@ CVE-2022-44608
 CVE-2022-4091
 	RESERVED
 CVE-2022-4090 (A vulnerability was found in rickxy Stock Management System and classi ...)
-	TODO: check
+	NOT-FOR-US: rickxy Stock Management System
 CVE-2022-4089 (A vulnerability was found in rickxy Stock Management System. It has be ...)
-	TODO: check
+	NOT-FOR-US: rickxy Stock Management System
 CVE-2022-4088 (A vulnerability was found in rickxy Stock Management System and classi ...)
-	TODO: check
+	NOT-FOR-US: rickxy Stock Management System
 CVE-2022-4087 (A vulnerability was found in iPXE. It has been declared as problematic ...)
 	- ipxe <not-affected> (Vulnerable code not present)
 	NOTE: Introduced by: https://github.com/ipxe/ipxe/commit/634a86093af9a6d134be8662f25616f4edfec683
@@ -15774,9 +15774,9 @@ CVE-2022-40979 (In JetBrains TeamCity before 2022.04.4 environmental variables o
 CVE-2022-40978 (The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerabl ...)
 	NOT-FOR-US: installer of JetBrains IntelliJ IDEA
 CVE-2022-40977 (A path traversal vulnerability was discovered in Pilz PASvisu Server b ...)
-	TODO: check
+	NOT-FOR-US: Pilz PASvisu Server
 CVE-2022-40976 (A path traversal vulnerability was discovered in multiple Pilz product ...)
-	TODO: check
+	NOT-FOR-US: Pilz
 CVE-2022-40969
 	RESERVED
 CVE-2022-40962
@@ -17505,7 +17505,7 @@ CVE-2022-40268
 CVE-2022-40267
 	RESERVED
 CVE-2022-40266 (Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-40265
 	RESERVED
 CVE-2022-40264
@@ -54957,7 +54957,7 @@ CVE-2022-0935 (Host Header injection in password Reset in GitHub repository live
 CVE-2022-26886
 	RESERVED
 CVE-2022-26885 (When using tasks to read config files, there is a risk of database pas ...)
-	TODO: check
+	NOT-FOR-US: Apache DolphinScheduler
 CVE-2022-26884 (Users can read any files by log server, Apache DolphinScheduler users  ...)
 	NOT-FOR-US: Apache DolphinScheduler
 CVE-2022-0934 (A single-byte, non-arbitrary write/use-after-free flaw was found in dn ...)
@@ -118919,7 +118919,7 @@ CVE-2021-29336
 CVE-2021-29335
 	RESERVED
 CVE-2021-29334 (An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: JIZHI CMS
 CVE-2021-29333
 	RESERVED
 CVE-2021-29332
@@ -121616,7 +121616,7 @@ CVE-2021-3439
 CVE-2021-3438 (A potential buffer overflow in the software drivers for certain HP Las ...)
 	NOT-FOR-US: HP LaserJet products and Samsung product printers
 CVE-2021-3437 (Potential security vulnerabilities have been identified in an OMEN Gam ...)
-	TODO: check
+	NOT-FOR-US: OMEN Gaming Hub SDK
 CVE-2021-3436 (BT: Possible to overwrite an existing bond during keys distribution ph ...)
 	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2021-28216 (BootPerformanceTable pointer is read from an NVRAM variable in PEI. Re ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b457516d90ad81aa45b37c011d098ada6886a7c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b457516d90ad81aa45b37c011d098ada6886a7c6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221124/67e6106f/attachment.htm>
