[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Thu, 24 Mar 2022 01:45:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
06ee07d0 by Salvatore Bonaccorso at 2022-03-24T09:45:10+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1257,7 +1257,7 @@ CVE-2022-27256
 CVE-2022-27255
        RESERVED
 CVE-2022-27254 (The remote keyless system on Honda Civic 2018 vehicles sends 
the same  ...)
-       TODO: check
+       NOT-FOR-US: Honda
 CVE-2022-27253
        RESERVED
 CVE-2022-27252
@@ -1267,7 +1267,7 @@ CVE-2022-27251
 CVE-2022-27250 (The UNISOC chipset through 2022-03-15 allows attackers to 
obtain remot ...)
        NOT-FOR-US: UNISOC
 CVE-2022-1030 (Okta Advanced Server Access Client for Linux and macOS prior to 
versio ...)
-       TODO: check
+       NOT-FOR-US: Okta Advanced Server Access Client
 CVE-2022-1029
        RESERVED
 CVE-2022-1028
@@ -1508,7 +1508,7 @@ CVE-2022-27195 (Jenkins Parameterized Trigger Plugin 2.43 
and earlier captures e
 CVE-2022-27193 (CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External 
Entities (X ...)
        TODO: check
 CVE-2022-27192 (The Reporting module in Aseco Lietuva document management 
system DVS A ...)
-       TODO: check
+       NOT-FOR-US: Aseco
 CVE-2022-27191 (golang.org/x/crypto/ssh before 
0.0.0-20220314234659-1baeb1ce4c0b in Go ...)
        - golang-go.crypto 1:0.0~git20220315.3147a52-1
        NOTE: 
https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
@@ -6584,13 +6584,13 @@ CVE-2022-25272
 CVE-2022-25270 (The Quick Edit module does not properly check entity access in 
some ci ...)
        NOT-FOR-US: Drupal 9.x
 CVE-2022-25269 (Passwork On-Premise Edition before 4.6.13 has multiple XSS 
issues. ...)
-       TODO: check
+       NOT-FOR-US: Passwork On-Premise
 CVE-2022-25268 (Passwork On-Premise Edition before 4.6.13 allows CSRF via the 
groups,  ...)
-       TODO: check
+       NOT-FOR-US: Passwork On-Premise
 CVE-2022-25267 (Passwork On-Premise Edition before 4.6.13 allows 
migration/uploadExpor ...)
-       TODO: check
+       NOT-FOR-US: Passwork On-Premise
 CVE-2022-25266 (Passwork On-Premise Edition before 4.6.13 allows 
migration/downloadExp ...)
-       TODO: check
+       NOT-FOR-US: Passwork On-Premise
 CVE-2022-25265 (In the Linux kernel through 5.16.10, certain binary files may 
have the ...)
        - linux <unfixed> (unimportant)
        NOTE: https://github.com/x0reaxeax/exec-prot-bypass
@@ -6802,11 +6802,11 @@ CVE-2022-25225 (Network Olympus version 1.8.0 allows an 
authenticated admin user
 CVE-2022-25224
        RESERVED
 CVE-2022-25223 (Money Transfer Management System Version 1.0 allows an 
authenticated u ...)
-       TODO: check
+       NOT-FOR-US: Money Transfer Management System
 CVE-2022-25222 (Money Transfer Management System Version 1.0 allows an 
unauthenticated ...)
-       TODO: check
+       NOT-FOR-US: Money Transfer Management System
 CVE-2022-25221 (Money Transfer Management System Version 1.0 allows an 
attacker to inj ...)
-       TODO: check
+       NOT-FOR-US: Money Transfer Management System
 CVE-2022-25220 (PeteReport Version 0.5 allows an authenticated admin user to 
inject pe ...)
        NOT-FOR-US: PeteReport
 CVE-2022-25219 (A null byte interaction error has been discovered in the code 
that the ...)
@@ -7328,7 +7328,7 @@ CVE-2022-25043
 CVE-2022-25042
        RESERVED
 CVE-2022-25041 (OpenEMR v6.0.0 was discovered to contain an incorrect access 
control i ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-25040
        RESERVED
 CVE-2022-25039
@@ -7659,7 +7659,7 @@ CVE-2022-24936
 CVE-2022-24935
        RESERVED
 CVE-2022-24934 (wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 
allows remo ...)
-       TODO: check
+       NOT-FOR-US: Kingsoft WPS Office
 CVE-2022-24933
        RESERVED
 CVE-2022-24932 (Improper Protection of Alternate Path vulnerability in Setup 
wizard pr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06ee07d003d63b77a0bdbc9295be93fc2b3c8b46

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06ee07d003d63b77a0bdbc9295be93fc2b3c8b46
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to