[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 12 21:21:28 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac4c452a by Salvatore Bonaccorso at 2022-09-12T22:21:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6932,7 +6932,7 @@ CVE-2022-37862
 CVE-2022-37861
 	RESERVED
 CVE-2022-37860 (The web configuration interface of the TP-Link M7350 V3 with firmware  ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2022-37859
 	RESERVED
 CVE-2022-37858
@@ -6982,7 +6982,7 @@ CVE-2022-37837
 CVE-2022-37836
 	RESERVED
 CVE-2022-37835 (Torguard VPN 4.8, has a vulnerability that allows an attacker to dump  ...)
-	TODO: check
+	NOT-FOR-US: Torguard VPN
 CVE-2022-37834
 	RESERVED
 CVE-2022-37833
@@ -7130,7 +7130,7 @@ CVE-2022-37768 (libjpeg commit 281daa9 was discovered to contain an infinite loo
 	NOTE: https://github.com/thorfdbg/libjpeg/commit/281daa9ccee18742b83a77cd29bd2726b69b7977
 	NOTE: Hang in CLI tool, no security impact
 CVE-2022-37767 (Pebble Templates 3.1.5 allows attackers to bypass a protection mechani ...)
-	TODO: check
+	NOT-FOR-US: Pebble Templates
 CVE-2022-37766
 	RESERVED
 CVE-2022-37765
@@ -24454,19 +24454,19 @@ CVE-2022-31228
 CVE-2022-31227
 	RESERVED
 CVE-2022-31226 (Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31225 (Dell BIOS versions contain an Unchecked Return Value vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31224 (Dell BIOS versions contain an Improper Protection Against Voltage and  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31223 (Dell BIOS versions contain an Improper Neutralization of Null Byte vul ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31222 (Dell BIOS versions contain a Missing Release of Resource after Effecti ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31221 (Dell BIOS versions contain an Information Exposure vulnerability. A lo ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31220 (Dell BIOS versions contain an Unchecked Return Value vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2022-31219 (Vulnerabilities in the Drive Composer allow a low privileged attacker  ...)
 	NOT-FOR-US: Drive Composer
 CVE-2022-31218 (Vulnerabilities in the Drive Composer allow a low privileged attacker  ...)
@@ -24991,7 +24991,7 @@ CVE-2022-31022 (Bleve is a text indexing library for go. Bleve includes HTTP uti
 CVE-2022-31021
 	RESERVED
 CVE-2022-31020 (Indy Node is the server portion of a distributed ledger purpose-built  ...)
-	TODO: check
+	NOT-FOR-US: Indy Node
 CVE-2022-31019 (Vapor is a server-side Swift HTTP web framework. When using automatic  ...)
 	NOT-FOR-US: Vapor
 CVE-2022-31018 (Play Framework is a web framework for Java and Scala. A denial of serv ...)
@@ -25026,7 +25026,7 @@ CVE-2022-31008
 CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research teams. Prio ...)
 	NOT-FOR-US: eLabFTW
 CVE-2022-31006 (indy-node is the server portion of Hyperledger Indy, a distributed led ...)
-	TODO: check
+	NOT-FOR-US: Indy Node
 CVE-2022-31005 (Vapor is an HTTP web framework for Swift. Users of Vapor prior to vers ...)
 	NOT-FOR-US: Vapor
 CVE-2022-31004 (CVEProject/cve-services is an open source project used to operate the  ...)
@@ -26259,7 +26259,7 @@ CVE-2022-1702 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlie
 CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ...)
 	NOT-FOR-US: SonicWall
 CVE-2022-1700 (Improper Restriction of XML External Entity Reference ('XXE') vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint
 CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow  ...)
 	NOT-FOR-US: IBM
 CVE-2022-30615



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4c452afb959d637d4f7cb83885b687d36c0b0e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4c452afb959d637d4f7cb83885b687d36c0b0e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220912/f6c2a6d3/attachment.htm>

More information about the debian-security-tracker-commits mailing list