[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon, 20 Jun 2022 13:24:00 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
be956265 by Salvatore Bonaccorso at 2022-06-20T22:23:20+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2022-2136
 CVE-2022-2135
        RESERVED
 CVE-2022-2134 (Denial of Service in GitHub repository inventree/inventree 
prior to 0. ...)
-       TODO: check
+       NOT-FOR-US: inventree
 CVE-2022-2133
        RESERVED
 CVE-2022-2132
@@ -45,7 +45,7 @@ CVE-2022-2132
 CVE-2022-2131
        RESERVED
 CVE-2022-2130 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
microweber ...)
-       TODO: check
+       NOT-FOR-US: microweber
 CVE-2022-XXXX [vlc issues fixed in 3.0.13]
        - vlc 3.0.16-1
        [buster] - vlc 3.0.17.4-0+deb10u1
@@ -441,7 +441,7 @@ CVE-2022-2129 (Out-of-bounds Write in GitHub repository 
vim/vim prior to 8.2. ..
        NOTE: https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352
        NOTE: 
https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d 
(v8.2.5126)
 CVE-2022-2128 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository p ...)
-       TODO: check
+       NOT-FOR-US: Trudesk
 CVE-2022-2127
        RESERVED
 CVE-2022-2126 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. 
...)
@@ -4704,7 +4704,7 @@ CVE-2022-32206
 CVE-2022-32205
        RESERVED
 CVE-2022-31734 (** Unsupported When Assigned ** Cisco Catalyst 2940 Series 
Switches pr ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-1976
        RESERVED
        - linux 5.18.5-1
@@ -5716,9 +5716,9 @@ CVE-2022-31796 (libjpeg 1.63 has a heap-based buffer 
over-read in HierarchicalBi
        NOTE: 
https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-31795 (An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 
(Control ...)
-       TODO: check
+       NOT-FOR-US: Fujitsu
 CVE-2022-31794 (An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 
(Control ...)
-       TODO: check
+       NOT-FOR-US: Fujitsu
 CVE-2022-1933
        RESERVED
 CVE-2022-1932
@@ -7289,9 +7289,9 @@ CVE-2022-1826 (The Cross-Linker WordPress plugin through 
3.0.1.9 does not have C
 CVE-2022-1825 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
collective ...)
        NOT-FOR-US: collectiveaccess/providence
 CVE-2022-1824 (An uncontrolled search path vulnerability in McAfee Consumer 
Product R ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2022-1823 (Improper privilege management vulnerability in McAfee Consumer 
Product ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2022-1822 (The Zephyr Project Manager plugin for WordPress is vulnerable 
to Refle ...)
        NOT-FOR-US: Zephyr Project Manager plugin for WordPress
 CVE-2022-1821 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be9562651125bcad6a6602c22bc8e9e881b578c5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be9562651125bcad6a6602c22bc8e9e881b578c5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to