[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 31 21:33:48 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
213c152e by Salvatore Bonaccorso at 2023-01-31T22:33:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -561,7 +561,7 @@ CVE-2023-0573
 CVE-2023-0572 (Unchecked Error Condition in GitHub repository froxlor/froxlor prior t ...)
 	- froxlor <itp> (bug #581792)
 CVE-2022-4898 (In affected versions of Octopus Server the help sidebar can be customi ...)
-	TODO: check
+	NOT-FOR-US: Octopus Server
 CVE-2022-48304
 	RESERVED
 CVE-2022-48303 (GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...)
@@ -1170,15 +1170,15 @@ CVE-2023-24467
 CVE-2023-24466
 	RESERVED
 CVE-2023-24020 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass ...)
-	TODO: check
+	NOT-FOR-US: Snap One Wattbox WB-300-IP-3
 CVE-2023-23582 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Snap One Wattbox WB-300-IP-3
 CVE-2023-22389 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwo ...)
-	TODO: check
+	NOT-FOR-US: Snap One Wattbox WB-300-IP-3
 CVE-2023-22371
 	RESERVED
 CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a propri ...)
-	TODO: check
+	NOT-FOR-US: Snap One Wattbox WB-300-IP-3
 CVE-2023-0456
 	RESERVED
 CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub repository u ...)
@@ -6540,9 +6540,9 @@ CVE-2023-22613
 CVE-2023-22612
 	RESERVED
 CVE-2023-22611 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor  ...)
-	TODO: check
+	NOT-FOR-US: EcoStruxure Geo SCADA Expert
 CVE-2023-22610 (A CWE-285: Improper Authorization vulnerability exists that could caus ...)
-	TODO: check
+	NOT-FOR-US: EcoStruxure Geo SCADA Expert
 CVE-2023-22609
 	RESERVED
 CVE-2023-22608
@@ -7285,9 +7285,9 @@ CVE-2022-48178
 CVE-2022-48177
 	RESERVED
 CVE-2022-48176 (Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7 ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2022-48175 (Rukovoditel v3.2.1 was discovered to contain a remote code execution ( ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2022-48174
 	RESERVED
 CVE-2022-48173
@@ -7625,7 +7625,7 @@ CVE-2022-48008 (An arbitrary file upload vulnerability in the plugin manager of
 CVE-2022-48007 (A stored cross-site scripting (XSS) vulnerability in identification.ph ...)
 	- piwigo <removed>
 CVE-2022-48006 (An arbitrary file upload vulnerability in taocms v3.0.2 allows attacke ...)
-	TODO: check
+	NOT-FOR-US: Taocms
 CVE-2022-48005
 	RESERVED
 CVE-2022-48004
@@ -8880,7 +8880,7 @@ CVE-2022-47782
 CVE-2022-47781
 	RESERVED
 CVE-2022-47780 (SQL Injection vulnerability in Bangresto 1.0 via the itemID parameter. ...)
-	TODO: check
+	NOT-FOR-US: Bangresto
 CVE-2022-47779
 	RESERVED
 CVE-2022-47778
@@ -9038,15 +9038,15 @@ CVE-2022-47703
 CVE-2022-47702
 	RESERVED
 CVE-2022-47701 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
-	TODO: check
+	NOT-FOR-US: COMFAST Router
 CVE-2022-47700 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
-	TODO: check
+	NOT-FOR-US: COMFAST Router
 CVE-2022-47699 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
-	TODO: check
+	NOT-FOR-US: COMFAST Router
 CVE-2022-47698 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
-	TODO: check
+	NOT-FOR-US: COMFAST Router
 CVE-2022-47697 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
-	TODO: check
+	NOT-FOR-US: COMFAST Router
 CVE-2022-47696
 	RESERVED
 CVE-2022-47695



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/213c152eea64b1cc763562337b3452b1e78a95ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/213c152eea64b1cc763562337b3452b1e78a95ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230131/3252d671/attachment.htm>

More information about the debian-security-tracker-commits mailing list