[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 22 08:50:38 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f4a56f7 by Salvatore Bonaccorso at 2022-10-22T09:50:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -427,7 +427,7 @@ CVE-2022-3610
 CVE-2022-3609
 	RESERVED
 CVE-2022-3608 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
-	TODO: check
+	NOT-FOR-US: phpmyfaq
 CVE-2022-3607 (Failure to Sanitize Special Elements into a Different Plane (Special E ...)
 	- octoprint <itp> (bug #718591)
 CVE-2022-3606 (A vulnerability was found in Linux Kernel. It has been classified as p ...)
@@ -1676,29 +1676,29 @@ CVE-2022-42946
 CVE-2022-42945
 	RESERVED
 CVE-2022-42944 (A malicious crafted dwf or .pct file when consumed through DesignRevie ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42943 (A malicious crafted dwf or .pct file when consumed through DesignRevie ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42942 (A malicious crafted dwf or .pct file when consumed through DesignRevie ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42941 (A malicious crafted dwf or .pct file when consumed through DesignRevie ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42940 (A malicious crafted TGA file when consumed through DesignReview.exe ap ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42939 (A malicious crafted TGA file when consumed through DesignReview.exe ap ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42938 (A malicious crafted TGA file when consumed through DesignReview.exe ap ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42937 (A malicious crafted .dwf or .pct file when consumed through DesignRevi ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42936 (A malicious crafted .dwf or .pct file when consumed through DesignRevi ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42935 (A malicious crafted .dwf or .pct file when consumed through DesignRevi ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42934 (A malicious crafted .dwf or .pct file when consumed through DesignRevi ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42933 (A malicious crafted .dwf or .pct file when consumed through DesignRevi ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2022-42932
 	RESERVED
 	{DSA-5259-1 DLA-3156-1}
@@ -3193,7 +3193,7 @@ CVE-2022-42346
 CVE-2022-42345
 	RESERVED
 CVE-2022-42344 (Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-42343
 	RESERVED
 CVE-2022-42342 (Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30 ...)
@@ -3501,9 +3501,9 @@ CVE-2022-42208
 CVE-2022-42207
 	RESERVED
 CVE-2022-42206 (PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cr ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Hospital Management System
 CVE-2022-42205 (PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cr ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Hospital Management System
 CVE-2022-42204
 	RESERVED
 CVE-2022-42203
@@ -3511,15 +3511,15 @@ CVE-2022-42203
 CVE-2022-42202 (TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to ...)
 	NOT-FOR-US: TP-Link
 CVE-2022-42201 (Simple Exam Reviewer Management System v1.0 is vulnerable to Insecure  ...)
-	TODO: check
+	NOT-FOR-US: Simple Exam Reviewer Management System
 CVE-2022-42200 (Simple Exam Reviewer Management System v1.0 is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: Simple Exam Reviewer Management System
 CVE-2022-42199 (Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Sit ...)
-	TODO: check
+	NOT-FOR-US: Simple Exam Reviewer Management System
 CVE-2022-42198 (In Simple Exam Reviewer Management System v1.0 the User List function  ...)
-	TODO: check
+	NOT-FOR-US: Simple Exam Reviewer Management System
 CVE-2022-42197 (In Simple Exam Reviewer Management System v1.0 the User List function  ...)
-	TODO: check
+	NOT-FOR-US: Simple Exam Reviewer Management System
 CVE-2022-42196
 	RESERVED
 CVE-2022-42195
@@ -3871,7 +3871,7 @@ CVE-2022-42023
 CVE-2022-42022
 	RESERVED
 CVE-2022-42021 (Best Student Result Management System v1.0 is vulnerable to SQL Inject ...)
-	TODO: check
+	NOT-FOR-US: Best Student Result Management System
 CVE-2022-42020
 	RESERVED
 CVE-2022-42019
@@ -4217,9 +4217,9 @@ CVE-2022-41852 (Those using JXPath to interpret untrusted XPath expressions may
 CVE-2022-41851 (A vulnerability has been identified in JTTK (All versions < V11.1.1 ...)
 	NOT-FOR-US: JTTK
 CVE-2022-41836 (When an 'Attack Signature False Positive Mode' enabled security policy ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41835 (In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41833 (In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::coll ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41832 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15. ...)
@@ -4233,7 +4233,7 @@ CVE-2022-41800
 CVE-2022-41787 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15. ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41780 (In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0 ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41770 (In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15. ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2022-41694 (In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f4a56f7baafa5d239cfb1eecf4ff4ffbdd3c969

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f4a56f7baafa5d239cfb1eecf4ff4ffbdd3c969
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221022/a44a476a/attachment.htm>

More information about the debian-security-tracker-commits mailing list