[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Wed, 16 Mar 2022 01:31:58 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fe814c90 by Salvatore Bonaccorso at 2022-03-16T09:29:55+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2022-0991
 CVE-2022-0990
        RESERVED
 CVE-2020-36519 (Mimecast Email Security before 2020-01-10 allows any admin to 
spoof an ...)
-       TODO: check
+       NOT-FOR-US: Mimecast Email Security
 CVE-2022-27221
        RESERVED
 CVE-2022-27220
@@ -631,37 +631,37 @@ CVE-2022-27007
 CVE-2022-27006
        RESERVED
 CVE-2022-27005 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R 
V9.1.0u.61 ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-27004 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R 
V9.1.0u.61 ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-27003 (Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R 
V9.1.0u.61 ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-27002 (Arris TR3300 v1.0.13 were discovered to contain a command 
injection vu ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-27001 (Arris TR3300 v1.0.13 were discovered to contain a command 
injection vu ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-27000 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26999 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26998 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26997 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26996 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26995 (Arris TR3300 v1.0.13 was discovered to contain a command 
injection vul ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26994 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and 
SBR-AC1 ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26993 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and 
SBR-AC1 ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26992 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and 
SBR-AC1 ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26991 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and 
SBR-AC1 ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26990 (Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and 
SBR-AC1 ...)
-       TODO: check
+       NOT-FOR-US: Arris
 CVE-2022-26989
        RESERVED
 CVE-2022-26988
@@ -2639,23 +2639,23 @@ CVE-2022-26216
 CVE-2022-26215
        RESERVED
 CVE-2022-26214 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26213 (Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered 
to cont ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26212 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26211 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26210 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26209 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26208 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26207 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26206 (Totolink A830R V5.9c.4729_B20191112, A3100R 
V4.1.2cu.5050_B20200504, A ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2022-26205
        RESERVED
 CVE-2022-26204
@@ -4502,33 +4502,33 @@ CVE-2022-25500
 CVE-2022-25499
        RESERVED
 CVE-2022-25498 (CuppaCMS v1.0 was discovered to contain a remote code 
execution (RCE)  ...)
-       TODO: check
+       NOT-FOR-US: CuppaCMS
 CVE-2022-25497 (CuppaCMS v1.0 was discovered to contain an arbitrary file read 
via the ...)
-       TODO: check
+       NOT-FOR-US: CuppaCMS
 CVE-2022-25496
        RESERVED
 CVE-2022-25495 (The component /jquery_file_upload/server/php/index.php of 
CuppaCMS v1. ...)
-       TODO: check
+       NOT-FOR-US: CuppaCMS
 CVE-2022-25494 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
-       TODO: check
+       NOT-FOR-US: Online Banking System
 CVE-2022-25493 (HMS v1.0 was discovered to contain a reflected cross-site 
scripting (X ...)
-       TODO: check
+       NOT-FOR-US: HMS
 CVE-2022-25492 (HMS v1.0 was discovered to contain a SQL injection 
vulnerability via t ...)
-       TODO: check
+       NOT-FOR-US: HMS
 CVE-2022-25491 (HMS v1.0 was discovered to contain a SQL injection 
vulnerability via t ...)
-       TODO: check
+       NOT-FOR-US: HMS
 CVE-2022-25490 (HMS v1.0 was discovered to contain a SQL injection 
vulnerability via t ...)
-       TODO: check
+       NOT-FOR-US: HMS
 CVE-2022-25489 (Atom CMS v2.0 was discovered to contain a reflected cross-site 
scripti ...)
-       TODO: check
+       NOT-FOR-US: Atom CMS
 CVE-2022-25488 (Atom CMS v2.0 was discovered to contain a SQL injection 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Atom CMS
 CVE-2022-25487 (Atom CMS v2.0 was discovered to contain a remote code 
execution (RCE)  ...)
-       TODO: check
+       NOT-FOR-US: Atom CMS
 CVE-2022-25486 (CuppaCMS v1.0 was discovered to contain a local file inclusion 
via the ...)
-       TODO: check
+       NOT-FOR-US: CuppaCMS
 CVE-2022-25485 (CuppaCMS v1.0 was discovered to contain a local file inclusion 
via the ...)
-       TODO: check
+       NOT-FOR-US: CuppaCMS
 CVE-2022-25484
        RESERVED
 CVE-2022-25483
@@ -9182,7 +9182,7 @@ CVE-2022-23990 (Expat (aka libexpat) before 2.4.4 has an 
integer overflow in the
        NOTE: Introduced with: 
https://github.com/libexpat/libexpat/commit/cb8a4c756d057b948c1b41e7185dd69ef3ade3fb
 (R_1_95_4)
        NOTE: Fixed by: 
https://github.com/libexpat/libexpat/commit/ede41d1e186ed2aba88a06e84cac839b770af3a1
 (R_2_4_4)
 CVE-2022-23989 (In Stormshield Network Security (SNS) 3.7.6 through 3.7.24, 
3.11.1 thr ...)
-       TODO: check
+       NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2022-23988 (The WS Form LITE and Pro WordPress plugins before 1.8.176 do 
not sanit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-23987 (The WS Form LITE and Pro WordPress plugins before 1.8.176 do 
not sanit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe814c90d501a0b6ead3320f1a3de856121a4034

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe814c90d501a0b6ead3320f1a3de856121a4034
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to