[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Sat, 29 Jan 2022 00:25:24 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0abbb35f by Salvatore Bonaccorso at 2022-01-29T09:24:49+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -157,7 +157,7 @@ CVE-2022-24070
 CVE-2022-0396
        RESERVED
 CVE-2022-0395 (Cross-site Scripting (XSS) - Stored in Packagist 
remdex/livehelperchat ...)
-       TODO: check
+       NOT-FOR-US: livehelperchat
 CVE-2022-0394 (Cross-site Scripting (XSS) - Stored in Packagist 
remdex/livehelperchat ...)
        NOT-FOR-US: livehelperchat
 CVE-2022-0393 (Out-of-bounds Read in Conda vim prior to 8.2. ...)
@@ -855,11 +855,11 @@ CVE-2022-23891
 CVE-2022-23890
        RESERVED
 CVE-2022-23889 (The comment function in YzmCMS v6.3 was discovered as being 
able to be ...)
-       TODO: check
+       NOT-FOR-US: YzmCMS
 CVE-2022-23888 (YzmCMS v6.3 was discovered to contain a Cross-Site Request 
Forgey (CSR ...)
-       TODO: check
+       NOT-FOR-US: YzmCMS
 CVE-2022-23887 (YzmCMS v6.3 was discovered to contain a Cross-Site Request 
Forgery (CS ...)
-       TODO: check
+       NOT-FOR-US: YzmCMS
 CVE-2022-23886
        RESERVED
 CVE-2022-23885
@@ -905,7 +905,7 @@ CVE-2022-23866
 CVE-2022-23865
        RESERVED
 CVE-2022-0352 (Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior 
to 0.6 ...)
-       TODO: check
+       NOT-FOR-US: calibre-web
 CVE-2022-0351 (Access of Memory Location Before Start of Buffer in Conda vim 
prior to ...)
        - vim <unfixed>
        [bullseye] - vim <no-dsa> (Minor issue)
@@ -1151,15 +1151,15 @@ CVE-2021-46450
 CVE-2021-46449
        RESERVED
 CVE-2021-46448 (H.H.G Multistore v5.1.0 and below was discovered to contain a 
SQL inje ...)
-       TODO: check
+       NOT-FOR-US: H.H.G Multistore
 CVE-2021-46447 (A cross-site scripting (XSS) vulnerability in H.H.G Multistore 
v5.1.0  ...)
-       TODO: check
+       NOT-FOR-US: H.H.G Multistore
 CVE-2021-46446 (H.H.G Multistore v5.1.0 and below was discovered to contain a 
SQL inje ...)
-       TODO: check
+       NOT-FOR-US: H.H.G Multistore
 CVE-2021-46445 (H.H.G Multistore v5.1.0 and below was discovered to contain a 
SQL inje ...)
-       TODO: check
+       NOT-FOR-US: H.H.G Multistore
 CVE-2021-46444 (H.H.G Multistore v5.1.0 and below was discovered to contain a 
SQL inje ...)
-       TODO: check
+       NOT-FOR-US: H.H.G Multistore
 CVE-2021-46443
        RESERVED
 CVE-2021-46442
@@ -1624,7 +1624,7 @@ CVE-2022-23729
 CVE-2022-23728 (Attacker can reset the device with AT Command in the process 
of reboot ...)
        NOT-FOR-US: LG
 CVE-2022-23727 (There is a privilege escalation vulnerability in some webOS 
TVs. Due t ...)
-       TODO: check
+       NOT-FOR-US: LG
 CVE-2022-23726
        RESERVED
 CVE-2022-23725
@@ -2174,7 +2174,7 @@ CVE-2022-0312
 CVE-2022-0299
        RESERVED
 CVE-2022-23456 (Potential arbitrary file deletion vulnerability has been 
identified in ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2022-23455
        RESERVED
 CVE-2022-23454
@@ -3862,9 +3862,9 @@ CVE-2022-22995
 CVE-2022-22994 (A remote code execution vulnerability was discovered on 
Western Digita ...)
        TODO: check
 CVE-2022-22993 (A limited SSRF vulnerability was discovered on Western Digital 
My Clou ...)
-       TODO: check
+       NOT-FOR-US: Western Digital
 CVE-2022-22992 (A command injection remote code execution vulnerability was 
discovered ...)
-       TODO: check
+       NOT-FOR-US: Western Digital
 CVE-2022-22991 (A malicious user on the same LAN could use DNS spoofing 
followed by a  ...)
        NOT-FOR-US: Western Digital / My Cloud OS 5 Firmware
 CVE-2022-22990 (A limited authentication bypass vulnerability was discovered 
that coul ...)
@@ -3992,7 +3992,7 @@ CVE-2022-22940
 CVE-2022-22939
        RESERVED
 CVE-2022-22938 (VMware Workstation (16.x prior to 16.2.2) and Horizon Client 
for Windo ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2022-22937
        RESERVED
 CVE-2022-22936
@@ -18351,7 +18351,7 @@ CVE-2021-42793
 CVE-2021-42792
        RESERVED
 CVE-2021-42791 (An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The 
HTTP req ...)
-       TODO: check
+       NOT-FOR-US: VeridiumID
 CVE-2021-42790
        RESERVED
 CVE-2021-42789



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0abbb35f3601aaf5501c8e28c12248a82ad33aa2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0abbb35f3601aaf5501c8e28c12248a82ad33aa2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to