[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 23 Sep 2022 07:35:30 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a4261318 by Moritz Mühlenhoff at 2022-09-23T16:35:05+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -470,7 +470,7 @@ CVE-2022-38066
 CVE-2022-3253
        RESERVED
 CVE-2022-3252 (Improper detection of complete HTTP body decompression SwiftNIO 
Extras ...)
-       TODO: check
+       NOT-FOR-US: Swift (different from src:swift)
 CVE-2022-3251 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in 
GitHub ...)
        NOT-FOR-US: minarca
 CVE-2022-3250 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in 
GitHub ...)
@@ -800,7 +800,7 @@ CVE-2022-40980 (A potential unathenticated file deletion 
vulnerabilty on Trend M
 CVE-2022-40979
        RESERVED
 CVE-2022-40978 (The installer of JetBrains IntelliJ IDEA before 2022.2.2 was 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: installer of JetBrains IntelliJ IDEA
 CVE-2022-40977
        RESERVED
 CVE-2022-40976
@@ -1370,7 +1370,7 @@ CVE-2022-40736 (An issue was discovered in Bento4 
1.6.0-639. There ie excessive
 CVE-2022-40735
        RESERVED
 CVE-2022-40734 (UniSharp laravel-filemanager (aka Laravel Filemanager) through 
2.5.1 a ...)
-       TODO: check
+       NOT-FOR-US: Laravel Filemanager
 CVE-2022-40733
        RESERVED
 CVE-2022-40732
@@ -1428,9 +1428,9 @@ CVE-2022-40707
 CVE-2022-3219
        RESERVED
 CVE-2022-3218 (Due to a reliance on client-side authentication, the WiFi Mouse 
(Mouse ...)
-       TODO: check
+       NOT-FOR-US: Necta LLC
 CVE-2022-3217 (When logging in to a VBASE runtime project via Web-Remote, the 
product ...)
-       TODO: check
+       NOT-FOR-US: VBASE
 CVE-2018-25047 (In Smarty before 3.1.47 and 4.x before 4.2.1, 
libs/plugins/function.ma ...)
        - smarty3 <unfixed> (bug #1019897)
        - smarty4 <unfixed> (bug #1019896)
@@ -2513,9 +2513,9 @@ CVE-2022-40264
 CVE-2022-40263
        RESERVED
 CVE-2022-40262 (A potential attacker can execute an arbitrary code at the time 
of the  ...)
-       TODO: check
+       NOT-FOR-US: AMI
 CVE-2022-40261 (An attacker can exploit this vulnerability to elevate 
privileges from  ...)
-       TODO: check
+       NOT-FOR-US: AMI
 CVE-2022-40260
        RESERVED
 CVE-2022-40259
@@ -2537,7 +2537,7 @@ CVE-2022-40252
 CVE-2022-40251
        RESERVED
 CVE-2022-40250 (An attacker can exploit this vulnerability to elevate 
privileges from  ...)
-       TODO: check
+       NOT-FOR-US: AMI
 CVE-2022-40249
        RESERVED
 CVE-2022-40248
@@ -2545,7 +2545,7 @@ CVE-2022-40248
 CVE-2022-40247
        RESERVED
 CVE-2022-40246 (A potential attacker can write one byte by arbitrary address 
at the ti ...)
-       TODO: check
+       NOT-FOR-US: AMI
 CVE-2022-40245
        RESERVED
 CVE-2022-40244
@@ -4791,9 +4791,9 @@ CVE-2022-39227 (python-jwt is a module for generating and 
verifying JSON Web Tok
 CVE-2022-39226
        RESERVED
 CVE-2022-39225 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Node parse-server
 CVE-2022-39224 (Arr-pm is an RPM reader/writer library written in Ruby. 
Versions prior ...)
-       TODO: check
+       NOT-FOR-US: arr-pm
 CVE-2022-39223
        RESERVED
 CVE-2022-39222
@@ -4805,9 +4805,9 @@ CVE-2022-39220 (SFTPGo is an SFTP server written in Go. 
Versions prior to 2.3.5
 CVE-2022-39219
        RESERVED
 CVE-2022-39218 (The JS Compute Runtime for Fastly's Compute@Edge platform 
provides the ...)
-       TODO: check
+       NOT-FOR-US: Fastly
 CVE-2022-39217 (some-natalie/ghas-to-csv (GitHub Advanced Security to CSV) is 
a GitHub ...)
-       TODO: check
+       NOT-FOR-US: GitHub Advanced Security to CSV
 CVE-2022-39216
        RESERVED
 CVE-2022-39215 (Tauri is a framework for building binaries for all major 
desktop platf ...)
@@ -5229,7 +5229,7 @@ CVE-2022-39065
 CVE-2022-39064
        RESERVED
 CVE-2022-39063 (When Open5GS UPF receives a PFCP Session Establishment 
Request, it sto ...)
-       TODO: check
+       NOT-FOR-US: Open5GS UPF
 CVE-2022-39062
        RESERVED
 CVE-2022-39061



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a426131815ffda3e40f46ffe328814bd5ff4d0dc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a426131815ffda3e40f46ffe328814bd5ff4d0dc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to