[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 2 21:24:57 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11079ae8 by Salvatore Bonaccorso at 2022-09-02T22:24:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5876,7 +5876,7 @@ CVE-2022-37460
 CVE-2022-37459 (Ampere Altra devices before 1.08g and Ampere Altra Max devices before  ...)
 	NOT-FOR-US: Ampere
 CVE-2022-37458 (Discourse through 2.8.7 allows admins to send invitations to arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2022-37457
 	RESERVED
 CVE-2022-37456
@@ -8151,7 +8151,7 @@ CVE-2022-36606 (Ywoa before v6.1 was discovered to contain a SQL injection vulne
 CVE-2022-36605 (Yimioa v6.1 was discovered to contain a SQL injection vulnerability vi ...)
 	NOT-FOR-US: Yimioa
 CVE-2022-36604 (An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and belo ...)
-	TODO: check
+	NOT-FOR-US: Canaan Avalon ASIC Miner
 CVE-2022-36603 (InnoSilicon T3T+ t2t+_soc_20190911_151433.swu was discovered to contai ...)
 	TODO: check
 CVE-2022-36602 (InnoSilicon A10 a10_20200924_120556 was discovered to contain a remote ...)
@@ -9602,7 +9602,7 @@ CVE-2022-36078 (Binary provides encoding/decoding in Borsh and other formats. Th
 CVE-2022-36077
 	RESERVED
 CVE-2022-36076 (NodeBB Forum Software is powered by Node.js and supports either Redis, ...)
-	TODO: check
+	NOT-FOR-US: NodeBB
 CVE-2022-36075
 	RESERVED
 CVE-2022-36074
@@ -9612,7 +9612,7 @@ CVE-2022-36073
 CVE-2022-36072
 	RESERVED
 CVE-2022-36071 (SFTPGo is configurable SFTP server with optional HTTP/S, FTP/S and Web ...)
-	TODO: check
+	NOT-FOR-US: SFTPGo
 CVE-2022-36070
 	RESERVED
 CVE-2022-36069
@@ -9690,7 +9690,7 @@ CVE-2022-36037 (kirby is a content management system (CMS) that adapts to many d
 CVE-2022-36036 (mdx-mermaid provides plug and play access to Mermaid in MDX. There is  ...)
 	TODO: check
 CVE-2022-36035 (Flux is a tool for keeping Kubernetes clusters in sync with sources of ...)
-	TODO: check
+	NOT-FOR-US: Flux
 CVE-2022-36034 (nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS  ...)
 	TODO: check
 CVE-2022-36033 (jsoup is a Java HTML parser, built for HTML editing, cleaning, scrapin ...)
@@ -14077,7 +14077,7 @@ CVE-2022-34384
 CVE-2022-34383 (Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operat ...)
 	NOT-FOR-US: Dell
 CVE-2022-34382 (Dell Command Update, Dell Update and Alienware Update versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-34381
 	RESERVED
 CVE-2022-34380 (Dell CloudLink 7.1.3 and all earlier versions contain an Authenticatio ...)
@@ -14085,7 +14085,7 @@ CVE-2022-34380 (Dell CloudLink 7.1.3 and all earlier versions contain an Authent
 CVE-2022-34379 (Dell EMC CloudLink 7.1.2 and all prior versions contain an Authenticat ...)
 	NOT-FOR-US: EMC
 CVE-2022-34378 (Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-34377
 	RESERVED
 CVE-2022-34376
@@ -14099,11 +14099,11 @@ CVE-2022-34373 (Dell Command | Integration Suite for System Center, versions pri
 CVE-2022-34372 (Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an  ...)
 	NOT-FOR-US: Dell
 CVE-2022-34371 (Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-34370
 	RESERVED
 CVE-2022-34369 (Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-34368 (Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0. ...)
 	NOT-FOR-US: EMC
 CVE-2022-34367 (Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11079ae8522ae0c77609cd388a0428a7ec535ac3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11079ae8522ae0c77609cd388a0428a7ec535ac3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220902/c3bf8d2c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list