[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 12 Sep 2022 13:21:41 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ac4c452a by Salvatore Bonaccorso at 2022-09-12T22:21:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6932,7 +6932,7 @@ CVE-2022-37862
 CVE-2022-37861
        RESERVED
 CVE-2022-37860 (The web configuration interface of the TP-Link M7350 V3 with 
firmware  ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2022-37859
        RESERVED
 CVE-2022-37858
@@ -6982,7 +6982,7 @@ CVE-2022-37837
 CVE-2022-37836
        RESERVED
 CVE-2022-37835 (Torguard VPN 4.8, has a vulnerability that allows an attacker 
to dump  ...)
-       TODO: check
+       NOT-FOR-US: Torguard VPN
 CVE-2022-37834
        RESERVED
 CVE-2022-37833
@@ -7130,7 +7130,7 @@ CVE-2022-37768 (libjpeg commit 281daa9 was discovered to 
contain an infinite loo
        NOTE: 
https://github.com/thorfdbg/libjpeg/commit/281daa9ccee18742b83a77cd29bd2726b69b7977
        NOTE: Hang in CLI tool, no security impact
 CVE-2022-37767 (Pebble Templates 3.1.5 allows attackers to bypass a protection 
mechani ...)
-       TODO: check
+       NOT-FOR-US: Pebble Templates
 CVE-2022-37766
        RESERVED
 CVE-2022-37765
@@ -24454,19 +24454,19 @@ CVE-2022-31228
 CVE-2022-31227
        RESERVED
 CVE-2022-31226 (Dell BIOS versions contain a Stack-based Buffer Overflow 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31225 (Dell BIOS versions contain an Unchecked Return Value 
vulnerability. A  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31224 (Dell BIOS versions contain an Improper Protection Against 
Voltage and  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31223 (Dell BIOS versions contain an Improper Neutralization of Null 
Byte vul ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31222 (Dell BIOS versions contain a Missing Release of Resource after 
Effecti ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31221 (Dell BIOS versions contain an Information Exposure 
vulnerability. A lo ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31220 (Dell BIOS versions contain an Unchecked Return Value 
vulnerability. A  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-31219 (Vulnerabilities in the Drive Composer allow a low privileged 
attacker  ...)
        NOT-FOR-US: Drive Composer
 CVE-2022-31218 (Vulnerabilities in the Drive Composer allow a low privileged 
attacker  ...)
@@ -24991,7 +24991,7 @@ CVE-2022-31022 (Bleve is a text indexing library for 
go. Bleve includes HTTP uti
 CVE-2022-31021
        RESERVED
 CVE-2022-31020 (Indy Node is the server portion of a distributed ledger 
purpose-built  ...)
-       TODO: check
+       NOT-FOR-US: Indy Node
 CVE-2022-31019 (Vapor is a server-side Swift HTTP web framework. When using 
automatic  ...)
        NOT-FOR-US: Vapor
 CVE-2022-31018 (Play Framework is a web framework for Java and Scala. A denial 
of serv ...)
@@ -25026,7 +25026,7 @@ CVE-2022-31008
 CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research 
teams. Prio ...)
        NOT-FOR-US: eLabFTW
 CVE-2022-31006 (indy-node is the server portion of Hyperledger Indy, a 
distributed led ...)
-       TODO: check
+       NOT-FOR-US: Indy Node
 CVE-2022-31005 (Vapor is an HTTP web framework for Swift. Users of Vapor prior 
to vers ...)
        NOT-FOR-US: Vapor
 CVE-2022-31004 (CVEProject/cve-services is an open source project used to 
operate the  ...)
@@ -26259,7 +26259,7 @@ CVE-2022-1702 (SonicWall SMA1000 series firmware 
12.4.0, 12.4.1-02965 and earlie
 CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and 
earlier ver ...)
        NOT-FOR-US: SonicWall
 CVE-2022-1700 (Improper Restriction of XML External Entity Reference ('XXE') 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Forcepoint
 CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could allow  ...)
        NOT-FOR-US: IBM
 CVE-2022-30615



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4c452afb959d637d4f7cb83885b687d36c0b0e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4c452afb959d637d4f7cb83885b687d36c0b0e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to