[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 25 08:41:29 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
62917c4e by Salvatore Bonaccorso at 2022-11-25T09:41:06+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17515,7 +17515,7 @@ CVE-2022-40284 (A buffer overflow was discovered in NTFS-3G before 2022.10.3. Cr
 CVE-2022-40283
 	RESERVED
 CVE-2022-40282 (The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authe ...)
-	TODO: check
+	NOT-FOR-US: Hirschmann BAT-C2
 CVE-2022-40281 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
 	NOT-FOR-US: Samsung TizenRT
 CVE-2022-40280 (An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PR ...)
@@ -24068,7 +24068,7 @@ CVE-2022-2723 (A vulnerability was found in SourceCodester Employee Management S
 CVE-2022-2722 (A vulnerability was found in SourceCodester Simple Student Information ...)
 	NOT-FOR-US: SourceCodester Simple Student Information System
 CVE-2022-2721 (In affected versions of Octopus Server it is possible for target disco ...)
-	TODO: check
+	NOT-FOR-US: Octopus Server
 CVE-2022-2720 (In affected versions of Octopus Server it was identified that when a s ...)
 	NOT-FOR-US: Octopus Server
 CVE-2021-46833
@@ -28622,7 +28622,7 @@ CVE-2022-36135
 CVE-2022-36134
 	RESERVED
 CVE-2022-36133 (The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices wit ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2022-36132
 	RESERVED
 CVE-2022-36131 (The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to s ...)
@@ -46273,23 +46273,23 @@ CVE-2022-29835 (WD Discovery software executable files were signed with an unsaf
 CVE-2022-29834 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	NOT-FOR-US: ICONICS
 CVE-2022-29833 (Insufficiently Protected Credentials vulnerability in Mitsubishi Elect ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29832 (Cleartext Storage of Sensitive Information in Memory vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29831 (Use of Hard-coded Password vulnerability in Mitsubishi Electric Corpor ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29830 (Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electr ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29829 (Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electr ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29828 (Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electr ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29827 (Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electr ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29826 (Cleartext Storage of Sensitive Information vulnerability in Mitsubishi ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29825 (Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Wor ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-29824 (In libxml2 before 2.9.14, several buffer handling functions in buf.c ( ...)
 	{DSA-5142-1 DLA-3012-1}
 	- libxml2 2.9.14+dfsg-1 (bug #1010526)
@@ -59897,7 +59897,7 @@ CVE-2022-25166 (An issue was discovered in Amazon AWS VPN Client 2.0.0. It is po
 CVE-2022-25165 (An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race  ...)
 	NOT-FOR-US: Amazon AWS VPN Client
 CVE-2022-25164 (Cleartext Storage of Sensitive Information vulnerability in Mitsubishi ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2022-25163 (Improper Input Validation vulnerability in Mitsubishi Electric MELSEC- ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2022-25162 (Improper Input Validation vulnerability in Mitsubishi Electric MELSEC  ...)
@@ -66912,7 +66912,7 @@ CVE-2022-0224 (dolibarr is vulnerable to Improper Neutralization of Special Elem
 CVE-2022-0223
 	RESERVED
 CVE-2022-0222 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2022-0221 (A CWE-611: Improper Restriction of XML External Entity Reference vulne ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2022-0220 (The check_privacy_settings AJAX action of the WordPress GDPR WordPress ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62917c4e14a59bc12aa9e9abddc45a9b15cbd623

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62917c4e14a59bc12aa9e9abddc45a9b15cbd623
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221125/e04891f8/attachment.htm>

More information about the debian-security-tracker-commits mailing list