[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 15 09:50:09 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c54b359 by Salvatore Bonaccorso at 2022-09-15T10:49:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2022-40738 (An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer de ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-40737 (An issue was discovered in Bento4 through 1.6.0-639. A buffer over-rea ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-40736 (An issue was discovered in Bento4 1.6.0-639. There ie excessive memory ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-40735
 	RESERVED
 CVE-2022-40734 (UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 a ...)
@@ -747,9 +747,9 @@ CVE-2022-40441
 CVE-2022-40440
 	RESERVED
 CVE-2022-40439 (An memory leak issue was discovered in AP4_StdcFileByteStream::Create  ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-40438 (Buffer overflow vulnerability in function AP4_MemoryByteStream::WriteP ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2022-40437
 	RESERVED
 CVE-2022-40436
@@ -5199,9 +5199,9 @@ CVE-2022-38597
 CVE-2022-38596
 	RESERVED
 CVE-2022-38595 (Church Management System v1.0 was discovered to contain a SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: Church Management System
 CVE-2022-38594 (Church Management System v1.0 was discovered to contain a SQL injectio ...)
-	TODO: check
+	NOT-FOR-US: Church Management System
 CVE-2022-38593
 	RESERVED
 CVE-2022-38592
@@ -6070,7 +6070,7 @@ CVE-2022-38354
 CVE-2022-38353
 	RESERVED
 CVE-2022-38352 (ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: ThinkPHP
 CVE-2022-38351
 	RESERVED
 CVE-2022-38350
@@ -6128,7 +6128,7 @@ CVE-2022-38325
 CVE-2022-38324
 	RESERVED
 CVE-2022-38323 (Event Management System v1.0 was discovered to contain an arbitrary fi ...)
-	TODO: check
+	NOT-FOR-US: Event Management System
 CVE-2022-38322
 	RESERVED
 CVE-2022-38321
@@ -6158,7 +6158,7 @@ CVE-2022-38310 (Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered t
 CVE-2022-38309 (Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to cont ...)
 	NOT-FOR-US: Tenda
 CVE-2022-38308 (TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLink
 CVE-2022-38307 (LIEF commit 5d1d643 was discovered to contain a segmentation violation ...)
 	NOT-FOR-US: LIEF
 CVE-2022-38306 (LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow i ...)
@@ -6192,7 +6192,7 @@ CVE-2022-38303 (Online Leave Management System v1.0 was discovered to contain a
 CVE-2022-38302 (Online Leave Management System v1.0 was discovered to contain a SQL in ...)
 	NOT-FOR-US: Online Leave Management System
 CVE-2022-38301 (Onedev v7.4.14 contains a path traversal vulnerability which allows at ...)
-	TODO: check
+	NOT-FOR-US: Onedev
 CVE-2022-38300
 	RESERVED
 CVE-2022-38299 (An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attack ...)
@@ -7629,7 +7629,7 @@ CVE-2022-37726
 CVE-2022-37725
 	RESERVED
 CVE-2022-37724 (Project Wonder WebObjects 1.0 through 5.4.3 is vulnerable to Arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Project Wonder WebObjects
 CVE-2022-37723
 	RESERVED
 CVE-2022-37722



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c54b3593d11982386d893f3b4767856daa9401b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c54b3593d11982386d893f3b4767856daa9401b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220915/1b0f897b/attachment.htm>


More information about the debian-security-tracker-commits mailing list