[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Thu, 18 Aug 2022 02:28:55 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
10890ef4 by Neil Williams at 2022-08-18T10:28:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -201,6 +201,7 @@ CVE-2022-2839
        RESERVED
 CVE-2022-2838 (In Eclipse Sphinx&#8482; before version 0.13.1, Apache Xerces 
XML Pars ...)
        TODO: check
+       NOTE: https://bugs.eclipse.org/580542 (private)
 CVE-2022-2837
        RESERVED
        - coredns <itp> (bug #880676)
@@ -18616,7 +18617,7 @@ CVE-2022-31264 (Solana solana_rbpf before 0.2.29 has an 
addition integer overflo
 CVE-2022-31263 (app/models/user.rb in Mastodon before 3.5.0 allows a bypass of 
e-mail  ...)
        - mastodon <itp> (bug #859741)
 CVE-2022-31262 (An exploitable local privilege escalation vulnerability exists 
in GOG  ...)
-       TODO: check
+       NOT-FOR-US: GOG Galaxy
 CVE-2022-31261 (An XXE issue was discovered in Morpheus through 5.2.16 and 
5.4.x throu ...)
        NOT-FOR-US: Morpheus
 CVE-2022-1809 (Access of Uninitialized Pointer in GitHub repository 
radareorg/radare2 ...)
@@ -20651,9 +20652,9 @@ CVE-2022-30578
 CVE-2022-30577
        RESERVED
 CVE-2022-30576 (The Web Console component of TIBCO Software Inc.'s TIBCO Data 
Science  ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2022-30575 (The Web Console component of TIBCO Software Inc.'s TIBCO Data 
Science  ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2022-30574 (The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - 
Community ...)
        NOT-FOR-US: TIBCO
 CVE-2022-30573 (The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - 
Community ...)
@@ -21639,7 +21640,7 @@ CVE-2022-30264 (The Emerson ROC and FloBoss RTU product 
lines through 2022-05-02
 CVE-2022-30263
        RESERVED
 CVE-2022-30262 (The Emerson ControlWave 'Next Generation' RTUs through 
2022-05-02 mish ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-30261
        RESERVED
 CVE-2022-30260
@@ -25986,9 +25987,9 @@ CVE-2022-28754 (Zoom On-Premise Meeting Connector MMR 
before version 4.8.129.202
 CVE-2022-28753 (Zoom On-Premise Meeting Connector MMR before version 
4.8.129.20220714  ...)
        NOT-FOR-US: Zoom
 CVE-2022-28752 (Zoom Rooms for Conference Rooms for Windows versions before 
5.11.0 are ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2022-28751 (The Zoom Client for Meetings for MacOS (Standard and for IT 
Admin) bef ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2022-28750 (Zoom On-Premise Meeting Connector Zone Controller (ZC) before 
version  ...)
        NOT-FOR-US: Zoom
 CVE-2022-28749 (Zooms On-Premise Meeting Connector MMR before version 
4.8.113.20220526 ...)
@@ -34617,7 +34618,7 @@ CVE-2022-25801 (Best Practical RT for Incident Response 
(RTIR) before 4.0.3 and
 CVE-2022-25800 (Best Practical RT for Incident Response (RTIR) before 4.0.3 
and 5.x be ...)
        NOT-FOR-US: Best Practical RT for Incident Response
 CVE-2022-25799 (An open redirect vulnerability exists in CERT/CC VINCE 
software prior  ...)
-       TODO: check
+       NOT-FOR-US: CERT/CC VINCE
 CVE-2022-25798
        RESERVED
 CVE-2022-25797 (A Memory Corruption Vulnerability in Autodesk TrueView 2022 
and 2021 m ...)
@@ -41600,9 +41601,9 @@ CVE-2022-23767
 CVE-2022-23766
        RESERVED
 CVE-2022-23765 (This vulnerability occured by sending a malicious POST request 
to a sp ...)
-       TODO: check
+       NOT-FOR-US: ipTIME NAS product
 CVE-2022-23764 (The vulnerability causing from insufficient verification 
procedures fo ...)
-       TODO: check
+       NOT-FOR-US: WebCube for Windows
 CVE-2022-23763 (Origin validation error vulnerability in NeoRS&#8217;s ActiveX 
moudle  ...)
        NOT-FOR-US: NeoRS for Windows
 CVE-2022-23762
@@ -41636,7 +41637,7 @@ CVE-2022-23749
 CVE-2022-23748
        RESERVED
 CVE-2022-23747 (In Sony Xperia series 1, 5, and Pro, an out of bound memory 
access can ...)
-       TODO: check
+       NOT-FOR-US: Sony
 CVE-2022-23746
        RESERVED
 CVE-2022-23745 (A potential memory corruption issue was found in Capsule 
Workspace And ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10890ef4341b4ac7a4c1e57a15baad572bba1478

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10890ef4341b4ac7a4c1e57a15baad572bba1478
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to