[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Thu, 21 Jul 2022 00:42:43 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
315697a9 by Moritz Muehlenhoff at 2022-07-21T09:42:21+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,11 +119,11 @@ CVE-2022-2478
 CVE-2022-2477
        RESERVED
 CVE-2022-36305 (Vesta v1.0.0-5 was discovered to contain a cross-site 
scripting (XSS)  ...)
-       TODO: check
+       NOT-FOR-US: Vesta
 CVE-2022-36304 (Vesta v1.0.0-5 was discovered to contain a cross-site 
scripting (XSS)  ...)
-       TODO: check
+       NOT-FOR-US: Vesta
 CVE-2022-36303 (Vesta v1.0.0-5 was discovered to contain a cross-site 
scripting (XSS)  ...)
-       TODO: check
+       NOT-FOR-US: Vesta
 CVE-2022-36302
        RESERVED
 CVE-2022-36301
@@ -4435,19 +4435,19 @@ CVE-2022-34542
 CVE-2022-34541
        RESERVED
 CVE-2022-34540 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34539 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34538 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34537 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34536 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34535 (Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows 
unauthen ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34534 (Digital Watchdog DW Spectrum Server 4.2.0.32842 allows 
attackers to ac ...)
-       TODO: check
+       NOT-FOR-US: Digital Watchdog
 CVE-2022-34533
        RESERVED
 CVE-2022-34532
@@ -5232,7 +5232,7 @@ CVE-2022-34268
 CVE-2022-34267
        RESERVED
 CVE-2022-34266 (The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon 
Linux 2 a ...)
-       TODO: check
+       NOT-FOR-US: libtiff-4.0.3-35.amzn2.0.1 Amazon package
 CVE-2022-34265 (An issue was discovered in Django 3.2 before 3.2.14 and 4.0 
before 4.0 ...)
        - python-django 2:4.0.6-1 (bug #1014541)
        NOTE: https://www.openwall.com/lists/oss-security/2022/07/04/2
@@ -5833,7 +5833,7 @@ CVE-2022-34027 (Nginx NJS v0.7.4 was discovered to 
contain a segmentation violat
 CVE-2022-34026
        RESERVED
 CVE-2022-34025 (Vesta v1.0.0-5 was discovered to contain a cross-site 
scripting (XSS)  ...)
-       TODO: check
+       NOT-FOR-US: Vesta
 CVE-2022-34024 (Barangay Management System v1.0 was discovered to contain an 
arbitrary ...)
        NOT-FOR-US: Barangay Management System
 CVE-2022-34023 (Barangay Management System v1.0 was discovered to contain a 
SQL inject ...)
@@ -8454,15 +8454,15 @@ CVE-2022-32964
 CVE-2022-32963
        RESERVED
 CVE-2022-32962 (HiCOS&#8217; client-side citizen certificate component has a 
double fr ...)
-       TODO: check
+       NOT-FOR-US: HICOS
 CVE-2022-32961 (HICOS&#8217; client-side citizen digital certificate component 
has a s ...)
-       TODO: check
+       NOT-FOR-US: HICOS
 CVE-2022-32960 (HiCOS&#8217; client-side citizen digital certificate component 
has a s ...)
-       TODO: check
+       NOT-FOR-US: HICOS
 CVE-2022-32959 (HiCOS&#8217; client-side citizen digital certificate component 
has a s ...)
-       TODO: check
+       NOT-FOR-US: HICOS
 CVE-2022-32958 (A remote attacker with general user privilege can send a 
message to Te ...)
-       TODO: check
+       NOT-FOR-US: TeamPlus Pro
 CVE-2022-32588
        RESERVED
 CVE-2022-32281
@@ -9645,11 +9645,11 @@ CVE-2022-32460
 CVE-2022-32459
        RESERVED
 CVE-2022-32458 (Digiwin BPM has a XML External Entity Injection (XXE) 
vulnerability du ...)
-       TODO: check
+       NOT-FOR-US: Digiwin
 CVE-2022-32457 (Digiwin BPM has inadequate filtering for URL parameter. An 
unauthentic ...)
-       TODO: check
+       NOT-FOR-US: Digiwin
 CVE-2022-32456 (Digiwin BPM&#8217;s function has insufficient validation for 
user inpu ...)
-       TODO: check
+       NOT-FOR-US: Digiwin
 CVE-2022-30707 (Violation of secure design principles exists in the 
communication of C ...)
        NOT-FOR-US: CAMS for HIS
 CVE-2022-30532 (In affected versions of Octopus Deploy, there is no logging of 
changes ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/315697a93408a88299a87e42b7b76d62a60a8a14

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/315697a93408a88299a87e42b7b76d62a60a8a14
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to