[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 18 21:12:07 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65495479 by Salvatore Bonaccorso at 2023-02-18T22:11:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3661,7 +3661,7 @@ CVE-2023-24771
 CVE-2023-24770
 	RESERVED
 CVE-2023-24769 (Changedetection.io before v0.40.1.1 was discovered to contain a stored ...)
-	TODO: check
+	NOT-FOR-US: Changedetection.io
 CVE-2023-24768
 	RESERVED
 CVE-2023-24767
@@ -17772,13 +17772,13 @@ CVE-2022-XXXX [node-d3-color redos]
 CVE-2023-21623
 	RESERVED
 CVE-2023-21622 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: FrameMaker
 CVE-2023-21621 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: FrameMaker
 CVE-2023-21620 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: FrameMaker
 CVE-2023-21619 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: FrameMaker
 CVE-2023-21618
 	RESERVED
 CVE-2023-21617
@@ -17830,7 +17830,7 @@ CVE-2023-21595 (Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are
 CVE-2023-21594 (Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affec ...)
 	NOT-FOR-US: Adobe
 CVE-2023-21593 (Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier)  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21592 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affe ...)
 	NOT-FOR-US: Adobe
 CVE-2023-21591 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affe ...)
@@ -17848,9 +17848,9 @@ CVE-2023-21586
 CVE-2023-21585 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
 	NOT-FOR-US: Adobe
 CVE-2023-21584 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: FrameMaker
 CVE-2023-21583 (Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21582
 	RESERVED
 CVE-2023-21581 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
@@ -17860,15 +17860,15 @@ CVE-2023-21580
 CVE-2023-21579 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
 	NOT-FOR-US: Adobe
 CVE-2023-21578 (Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21577 (Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21576 (Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21575 (Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-21574 (Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-4262 (Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a ...)
 	{DSA-5295-1}
 	- chromium 108.0.5359.94-1
@@ -19809,7 +19809,7 @@ CVE-2022-45703
 CVE-2022-45702
 	RESERVED
 CVE-2022-45701 (Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Arris TG2482A firmware
 CVE-2022-45700
 	RESERVED
 CVE-2022-45699 (Command injection in the administration interface in APSystems ECU-R v ...)
@@ -37256,9 +37256,9 @@ CVE-2022-40350
 CVE-2022-40349
 	RESERVED
 CVE-2022-40348 (Cross Site Scripting (XSS) vulnerability in Intern Record System versi ...)
-	TODO: check
+	NOT-FOR-US: Intern Record System
 CVE-2022-40347 (SQL Injection vulnerability in Intern Record System version 1.0 in /in ...)
-	TODO: check
+	NOT-FOR-US: Intern Record System
 CVE-2022-40346
 	RESERVED
 CVE-2022-40345
@@ -38057,7 +38057,7 @@ CVE-2022-40034 (Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-s
 CVE-2022-40033
 	RESERVED
 CVE-2022-40032 (SQL Injection vulnerability in Simple Task Managing System version 1.0 ...)
-	TODO: check
+	NOT-FOR-US: Simple Task Managing System
 CVE-2022-40031
 	RESERVED
 CVE-2022-40030 (SourceCodester Simple Task Managing System v1.0 was discovered to cont ...)
@@ -38083,7 +38083,7 @@ CVE-2022-40023 (Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression
 CVE-2022-40022 (Microchip Technology (Microsemi) SyncServer S650 was discovered to con ...)
 	NOT-FOR-US: Microchip Technology
 CVE-2022-40021 (QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283)  ...)
-	TODO: check
+	NOT-FOR-US: QVidium Technologies Amino A140
 CVE-2022-40020
 	RESERVED
 CVE-2022-40019
@@ -43956,7 +43956,7 @@ CVE-2022-37937
 CVE-2022-37936
 	RESERVED
 CVE-2022-37935 (HPE OneView for VMware vCenter, in certain circumstances, may disclose ...)
-	TODO: check
+	NOT-FOR-US: HPE OneView for VMware vCenter
 CVE-2022-37934 (A potential security vulnerability has been identified in HPE OfficeCo ...)
 	NOT-FOR-US: HPE
 CVE-2022-37933 (A potential security vulnerability has been identified in HPE Superdom ...)
@@ -57297,7 +57297,7 @@ CVE-2022-32974 (An authenticated attacker could read arbitrary files from the un
 CVE-2022-32973 (An authenticated attacker could create an audit file that bypasses Pow ...)
 	NOT-FOR-US: Nessus
 CVE-2022-32972 (Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injecti ...)
-	TODO: check
+	NOT-FOR-US: Infoblox BloxOne Endpoint for Windows
 CVE-2022-32969 (MetaMask before 10.11.3 might allow an attacker to access a user's sec ...)
 	NOT-FOR-US: MetaTask
 CVE-2022-32968



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65495479092ff5ae802e0b8640f1efa17f998990

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65495479092ff5ae802e0b8640f1efa17f998990
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230218/d3bebe21/attachment.htm>

More information about the debian-security-tracker-commits mailing list