[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 13 21:33:17 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
76408d33 by Salvatore Bonaccorso at 2022-09-13T22:32:49+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2022-40635 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Crafter Studio of Crafter CMS
 CVE-2022-40634 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Crafter Studio of Crafter CMS
 CVE-2022-40631
 	RESERVED
 CVE-2022-38097
@@ -961,7 +961,7 @@ CVE-2022-38144 (Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team
 CVE-2022-38140
 	RESERVED
 CVE-2022-38139 (Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Stati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-38137
 	RESERVED
 CVE-2022-38135 (Broken Access Control vulnerability in Dean Oakley's Photospace Galler ...)
@@ -3116,13 +3116,13 @@ CVE-2022-39210
 CVE-2022-39209
 	RESERVED
 CVE-2022-39208 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)
-	TODO: check
+	NOT-FOR-US: Onedev
 CVE-2022-39207 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)
-	TODO: check
+	NOT-FOR-US: Onedev
 CVE-2022-39206 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)
-	TODO: check
+	NOT-FOR-US: Onedev
 CVE-2022-39205 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)
-	TODO: check
+	NOT-FOR-US: Onedev
 CVE-2022-39204
 	RESERVED
 CVE-2022-39203 (matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. ...)
@@ -3274,49 +3274,49 @@ CVE-2022-39188 (An issue was discovered in include/asm-generic/tlb.h in the Linu
 CVE-2022-39159
 	RESERVED
 CVE-2022-39158 (A vulnerability has been identified in RUGGEDCOM ROS RMC8388 (All vers ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39157
 	RESERVED
 CVE-2022-39156 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39155 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39154 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39153 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39152 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39151 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39150 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39149 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39148 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39147 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39146 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39145 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39144 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39143 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39142 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39141 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39140 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39139 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39138 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39137 (A vulnerability has been identified in Parasolid V33.1 (All versions & ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2022-39136
 	RESERVED
 CVE-2022-39135 (In Apache Calcite prior to version 1.32.0 the SQL operators EXISTS_NOD ...)
@@ -4177,17 +4177,17 @@ CVE-2022-38797
 CVE-2022-38796
 	RESERVED
 CVE-2022-38453 (Multiple binary application files on the CMS8000 device are compiled w ...)
-	TODO: check
+	NOT-FOR-US: Contec Health
 CVE-2022-38399 (Missing protection mechanism for alternate hardware interface in SmaCa ...)
 	NOT-FOR-US: SmaCam
 CVE-2022-38138
 	RESERVED
 CVE-2022-38100 (The CMS800 device fails while attempting to parse malformed network da ...)
-	TODO: check
+	NOT-FOR-US: Contec Health
 CVE-2022-38069 (Multiple globally default credentials exist across all CMS8000 devices ...)
-	TODO: check
+	NOT-FOR-US: Contec Health
 CVE-2022-36385 (A threat actor with momentary access to the device can plug in a USB d ...)
-	TODO: check
+	NOT-FOR-US: Contec Health
 CVE-2022-3033
 	RESERVED
 	- thunderbird 1:102.2.1-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76408d3374ea90c234676adf6588783470055209

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76408d3374ea90c234676adf6588783470055209
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220913/5eecc6bb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list