[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 14 Jan 2022 12:01:37 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
04a7a3ae by Salvatore Bonaccorso at 2022-01-14T21:00:56+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122,7 +122,7 @@ CVE-2021-31567
 CVE-2021-26256
        RESERVED
 CVE-2021-23227 (Cross-Site Request Forgery (CSRF) vulnerability discovered in 
PHP Ever ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-23209
        RESERVED
 CVE-2021-23174
@@ -324,7 +324,7 @@ CVE-2022-23127
 CVE-2022-23126
        RESERVED
 CVE-2022-0198 (corenlp is vulnerable to Improper Restriction of XML External 
Entity R ...)
-       TODO: check
+       NOT-FOR-US: corenlp
 CVE-2022-0197 (phoronix-test-suite is vulnerable to Cross-Site Request Forgery 
(CSRF) ...)
        - phoronix-test-suite <removed>
 CVE-2022-0196 (phoronix-test-suite is vulnerable to Cross-Site Request Forgery 
(CSRF) ...)
@@ -640,13 +640,13 @@ CVE-2022-22993
 CVE-2022-22992
        RESERVED
 CVE-2022-22991 (A malicious user on the same LAN could use DNS spoofing 
followed by a  ...)
-       TODO: check
+       NOT-FOR-US: Western Digital / My Cloud OS 5 Firmware
 CVE-2022-22990 (A limited authentication bypass vulnerability was discovered 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Western Digital / My Cloud OS 5 Firmware
 CVE-2022-22989 (My Cloud OS 5 was vulnerable to a pre-authenticated stack 
overflow vul ...)
-       TODO: check
+       NOT-FOR-US: Western Digital / My Cloud OS 5 Firmware
 CVE-2022-22988 (File and directory permissions have been corrected to prevent 
unintend ...)
-       TODO: check
+       NOT-FOR-US: Western Digital
 CVE-2022-21234
        RESERVED
 CVE-2022-21210
@@ -662,7 +662,7 @@ CVE-2022-0180
 CVE-2022-0179 (snipe-it is vulnerable to Improper Access Control ...)
        NOT-FOR-US: snipe-it
 CVE-2022-0178 (snipe-it is vulnerable to Improper Access Control ...)
-       TODO: check
+       NOT-FOR-US: snipe-it
 CVE-2022-0177
        RESERVED
 CVE-2021-4204 [eBPF Improper Input Validation Vulnerability]
@@ -1007,7 +1007,7 @@ CVE-2021-46257
 CVE-2021-46256
        RESERVED
 CVE-2021-46255 (eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion 
due to  ...)
-       TODO: check
+       NOT-FOR-US: eyouCMS
 CVE-2021-46254
        RESERVED
 CVE-2021-46253



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04a7a3aecc03243f7a0cd313917de5cbfe27c35d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04a7a3aecc03243f7a0cd313917de5cbfe27c35d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to