[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Sep 13 09:32:57 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bdee6244 by Salvatore Bonaccorso at 2022-09-13T10:32:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -920,7 +920,7 @@ CVE-2022-38139
 CVE-2022-38137
 	RESERVED
 CVE-2022-38135 (Broken Access Control vulnerability in Dean Oakley's Photospace Galler ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38134
 	RESERVED
 CVE-2022-38098
@@ -4456,7 +4456,7 @@ CVE-2022-2980 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.
 	NOTE: https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1 (9.0.0259)
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2979 (Opening a specially crafted file could cause the affected product to f ...)
-	TODO: check
+	NOT-FOR-US: Omron
 CVE-2022-2978 (A flaw use after free in the Linux kernel NILFS file system was found  ...)
 	- linux <unfixed>
 	NOTE: https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91@hust.edu.cn/T/#u
@@ -4836,7 +4836,7 @@ CVE-2022-38612
 CVE-2022-38611
 	RESERVED
 CVE-2022-38610 (Garage Management System v1.0 was discovered to contain a SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: Garage Management System
 CVE-2022-38609
 	RESERVED
 CVE-2022-38608
@@ -4844,9 +4844,9 @@ CVE-2022-38608
 CVE-2022-38607
 	RESERVED
 CVE-2022-38606 (Garage Management System v1.0 was discovered to contain a SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: Garage Management System
 CVE-2022-38605 (Church Management System v1.0 was discovered to contain a SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: Church Management System
 CVE-2022-38604
 	RESERVED
 CVE-2022-38603
@@ -5852,11 +5852,11 @@ CVE-2022-2818 (Authentication Bypass by Primary Weakness in GitHub repository co
 CVE-2022-38305
 	RESERVED
 CVE-2022-38304 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Online Leave Management System
 CVE-2022-38303 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Online Leave Management System
 CVE-2022-38302 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
-	TODO: check
+	NOT-FOR-US: Online Leave Management System
 CVE-2022-38301
 	RESERVED
 CVE-2022-38300
@@ -5866,19 +5866,19 @@ CVE-2022-38299 (An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows
 CVE-2022-38298 (Appsmith v1.7.11 was discovered to allow attackers to execute an authe ...)
 	TODO: check
 CVE-2022-38297 (UCMS v1.6.0 contains an authentication bypass vulnerability which is e ...)
-	TODO: check
+	NOT-FOR-US: UCMS
 CVE-2022-38296 (Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vuln ...)
-	TODO: check
+	NOT-FOR-US: Cuppa CMS
 CVE-2022-38295 (Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulner ...)
-	TODO: check
+	NOT-FOR-US: Cuppa CMS
 CVE-2022-38294
 	RESERVED
 CVE-2022-38293
 	RESERVED
 CVE-2022-38292 (SLiMS Senayan Library Management System v9.4.2 was discovered to conta ...)
-	TODO: check
+	NOT-FOR-US: SLiMS Senayan Library Management System
 CVE-2022-38291 (SLiMS Senayan Library Management System v9.4.2 was discovered to conta ...)
-	TODO: check
+	NOT-FOR-US: SLiMS Senayan Library Management System
 CVE-2022-38290
 	RESERVED
 CVE-2022-38289



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdee62445f2ef55db0141cdb3b2de0e2b0700907

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdee62445f2ef55db0141cdb3b2de0e2b0700907
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220913/276475bb/attachment-0001.htm>
