[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 4 08:31:03 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
faa4fdfb by Salvatore Bonaccorso at 2023-01-04T09:30:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8985,7 +8985,7 @@ CVE-2022-45868 (The web-based admin console in H2 Database Engine through 2.1.21
 	NOTE: Not cosidered a vulnerability of H2 Console by vendor. Passwords should never be
 	NOTE: passed on the command line.
 CVE-2022-45867 (MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages  ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2022-45866 (qpress before PierreLvx/qpress 20220819 and before version 11.3, as us ...)
 	NOT-FOR-US: qpress
 CVE-2022-4136 (Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4 ...)
@@ -14017,9 +14017,9 @@ CVE-2022-44537
 CVE-2022-44536
 	RESERVED
 CVE-2022-44535 (A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-b ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-44534 (A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-b ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-44533 (A vulnerability in the Aruba EdgeConnect Enterprise web management int ...)
 	NOT-FOR-US: Aruba
 CVE-2022-44532 (An authenticated path traversal vulnerability exists in the Aruba Edge ...)
@@ -15082,7 +15082,7 @@ CVE-2022-44038 (Russound XSourcePlayer 777D v06.08.03 was discovered to contain
 CVE-2022-44037 (An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) ...)
 	NOT-FOR-US: APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software
 CVE-2022-44036 (** DISPUTED ** In b2evolution 7.2.5, if configured with admins_can_man ...)
-	TODO: check
+	NOT-FOR-US: b2evolution CMS
 CVE-2022-44035
 	RESERVED
 CVE-2022-44034 (An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ...)
@@ -18148,41 +18148,41 @@ CVE-2022-43542 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line
 CVE-2022-43541 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line inter ...)
 	NOT-FOR-US: Aruba
 CVE-2022-43540 (A vulnerability exists in the ClearPass OnGuard macOS agent that allow ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43539 (A vulnerability exists in the ClearPass Policy Manager cluster communi ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43538 (Vulnerabilities in the ClearPass Policy Manager web-based management i ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43537 (Vulnerabilities in the ClearPass Policy Manager web-based management i ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43536 (Vulnerabilities in the ClearPass Policy Manager web-based management i ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43535 (A vulnerability in the ClearPass OnGuard Windows agent could allow mal ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43534 (A vulnerability in the ClearPass OnGuard Linux agent could allow malic ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43533 (A vulnerability in the ClearPass OnGuard macOS agent could allow malic ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43532 (A vulnerability in the web-based management interface of ClearPass Pol ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43531 (Vulnerabilities in the web-based management interface of ClearPass Pol ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43530 (Vulnerabilities in the web-based management interface of ClearPass Pol ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43529 (A vulnerability in the web-based management interface of Aruba EdgeCon ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43528 (Under certain configurations, an attacker can login to Aruba EdgeConne ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43527 (Multiple vulnerabilities within the web-based management interface of  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43526 (Multiple vulnerabilities within the web-based management interface of  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43525 (Multiple vulnerabilities within the web-based management interface of  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43524 (A vulnerability in the web-based management interface of Aruba EdgeCon ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43523 (Multiple vulnerabilities in the web-based management interface of Arub ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2022-43522 (Multiple vulnerabilities in the web-based management interface of Arub ...)
 	NOT-FOR-US: Aruba
 CVE-2022-43521 (Multiple vulnerabilities in the web-based management interface of Arub ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faa4fdfb00dca0c78abd29c1c9579c068349ee05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faa4fdfb00dca0c78abd29c1c9579c068349ee05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230104/aa1734c9/attachment.htm>

More information about the debian-security-tracker-commits mailing list