[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat, 20 Aug 2022 05:08:59 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3ef73f25 by Salvatore Bonaccorso at 2022-08-20T14:08:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -984,17 +984,17 @@ CVE-2022-38171
 CVE-2022-2794
        RESERVED
 CVE-2022-2793 (Emerson Electric's Proficy Machine Edition Version 9.00 and 
prior is v ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-2792 (Emerson Electric's Proficy Machine Edition Version 9.00 and 
prior is v ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-2791
        RESERVED
 CVE-2022-2790 (Emerson Electric's Proficy Machine Edition Version 9.00 and 
prior is v ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-2789 (Emerson Electric's Proficy Machine Edition Version 9.00 and 
prior is v ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-2788 (Emerson Electric's Proficy Machine Edition Version 9.80 and 
prior is v ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2022-2787
        RESERVED
        {DSA-5213-1 DLA-3075-1}
@@ -5923,7 +5923,7 @@ CVE-2022-36222
 CVE-2022-36221
        RESERVED
 CVE-2022-36220 (Kiosk breakout (without quit password) in Safe Exam Browser 
(Windows)  ...)
-       TODO: check
+       NOT-FOR-US: Safe Exam Browser
 CVE-2022-36219
        RESERVED
 CVE-2022-36218
@@ -6366,7 +6366,7 @@ CVE-2022-36033
 CVE-2022-36032
        RESERVED
 CVE-2022-36031 (Directus is a free and open-source data platform for headless 
content  ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2022-36030 (Project-nexus is a general-purpose blog website framework. 
Affected ve ...)
        TODO: check
 CVE-2022-36029
@@ -7167,7 +7167,7 @@ CVE-2022-35694
 CVE-2022-35693
        RESERVED
 CVE-2022-35692 (Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and 
earlier) ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-35691
        RESERVED
 CVE-2022-35690
@@ -9937,13 +9937,13 @@ CVE-2022-34626
 CVE-2022-34625 (Mealie1.0.0beta3 was discovered to contain a Server-Side 
Template Inje ...)
        NOT-FOR-US: hay-kot/mealie
 CVE-2022-34624 (Mealie1.0.0beta3 does not terminate download tokens after a 
user logs  ...)
-       TODO: check
+       NOT-FOR-US: Mealie
 CVE-2022-34623 (Mealie1.0.0beta3 is vulnerable to user enumeration via timing 
response ...)
-       TODO: check
+       NOT-FOR-US: Mealie
 CVE-2022-34622
        RESERVED
 CVE-2022-34621 (Mealie 1.0.0beta3 was discovered to contain an Insecure Direct 
Object  ...)
-       TODO: check
+       NOT-FOR-US: Mealie
 CVE-2022-34620
        RESERVED
 CVE-2022-34619 (A stored cross-site scripting (XSS) vulnerability in Mealie 
v0.5.5 all ...)
@@ -9955,7 +9955,7 @@ CVE-2022-34617
 CVE-2022-34616
        RESERVED
 CVE-2022-34615 (Mealie 1.0.0beta3 employs weak password requirements which 
allows atta ...)
-       TODO: check
+       NOT-FOR-US: Mealie
 CVE-2022-34614
        RESERVED
 CVE-2022-34613 (Mealie 1.0.0beta3 contains an arbitrary file upload 
vulnerability whic ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef73f257b154bf2646482d7dd5feffaf7e51c14

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef73f257b154bf2646482d7dd5feffaf7e51c14
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to