[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Fri, 28 Oct 2022 14:01:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1bea25a4 by Salvatore Bonaccorso at 2022-10-28T23:01:19+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11225,9 +11225,9 @@ CVE-2022-40186 (An issue was discovered in HashiCorp 
Vault and Vault Enterprise
 CVE-2022-40185
        RESERVED
 CVE-2022-40184 (Incomplete filtering of JavaScript code in different 
configuration fie ...)
-       TODO: check
+       NOT-FOR-US: Bosch
 CVE-2022-40183 (An error in the URL handler of the VIDEOJET multi 4000 may 
lead to a r ...)
-       TODO: check
+       NOT-FOR-US: Bosch
 CVE-2022-40182 (A vulnerability has been identified in Desigo PXM30-1 (All 
versions &l ...)
        NOT-FOR-US: Siemens
 CVE-2022-40181 (A vulnerability has been identified in Desigo PXM30-1 (All 
versions &l ...)
@@ -11733,11 +11733,11 @@ CVE-2022-39980
 CVE-2022-39979
        RESERVED
 CVE-2022-39978 (Online Pet Shop We App v1.0 was discovered to contain an 
arbitrary fil ...)
-       TODO: check
+       NOT-FOR-US: Online Pet Shop We App
 CVE-2022-39977 (Online Pet Shop We App v1.0 was discovered to contain an 
arbitrary fil ...)
-       TODO: check
+       NOT-FOR-US: Online Pet Shop We App
 CVE-2022-39976 (School Activity Updates with SMS Notification v1.0 was 
discovered to c ...)
-       TODO: check
+       NOT-FOR-US: School Activity Updates with SMS Notification
 CVE-2022-39975 (The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, 
and Life ...)
        NOT-FOR-US: Liferay
 CVE-2022-39974 (WASM3 v0.5.0 was discovered to contain a segmentation fault 
via the co ...)
@@ -13085,7 +13085,7 @@ CVE-2022-39367 (QTIWorks is a software suite for 
standards-based assessment deli
 CVE-2022-39366 (DataHub is an open-source metadata platform. Prior to version 
0.8.45,  ...)
        TODO: check
 CVE-2022-39365 (Pimcore is an open source data and experience management 
platform. Pri ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2022-39364 (Nextcloud Server is the file server software for Nextcloud, a 
self-hos ...)
        TODO: check
 CVE-2022-39363
@@ -14873,7 +14873,7 @@ CVE-2021-46835 (There is a traffic hijacking 
vulnerability in WS7200-10 11.0.2.1
 CVE-2020-36602 (There is an out-of-bounds read and write vulnerability in some 
headset ...)
        NOT-FOR-US: Huawei
 CVE-2022-38744 (An unauthenticated attacker with network access to a victim's 
Rockwell ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2022-38743 (Rockwell Automation FactoryTalk VantagePoint versions 8.0, 
8.10, 8.20, ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2022-38742 (Rockwell Automation ThinManager ThinServer versions 11.0.0 - 
13.0.0 is ...)
@@ -16631,7 +16631,7 @@ CVE-2022-38182
 CVE-2022-38181 (An Arm product family through 2022-08-12 mail GPU kernel 
driver allows ...)
        TODO: check
 CVE-2022-2809 (A vulnerability in bmcweb of OpenBMC Project allows user to 
cause deni ...)
-       TODO: check
+       NOT-FOR-US: OpenBMC
 CVE-2022-38180 (In JetBrains Ktor before 2.1.0 the wrong authentication 
provider could ...)
        NOT-FOR-US: JetBrains Ktor
 CVE-2022-38179 (JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File 
Downloa ...)
@@ -17375,11 +17375,11 @@ CVE-2022-37917
 CVE-2022-37916
        RESERVED
 CVE-2022-37915 (A vulnerability in the web-based management interface of Aruba 
EdgeCon ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37914 (Vulnerabilities in the web-based management interface of Aruba 
EdgeCon ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37913 (Vulnerabilities in the web-based management interface of Aruba 
EdgeCon ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-37912
        RESERVED
 CVE-2022-37911
@@ -21562,9 +21562,9 @@ CVE-2022-2476 (A null pointer dereference bug was found 
in wavpack-5.4.0 The res
        NOTE: https://github.com/dbry/WavPack/issues/121
        NOTE: 
https://github.com/dbry/WavPack/commit/25b4a2725d8568212e7cf89ca05ca29d128af7ac 
(5.5.0)
 CVE-2022-2475 (Haas Controller version 100.20.000.1110 has insufficient 
granularity o ...)
-       TODO: check
+       NOT-FOR-US: Haas Controller
 CVE-2022-2474 (Authentication is currently unsupported in Haas Controller 
version 100 ...)
-       TODO: check
+       NOT-FOR-US: Haas Controller
 CVE-2022-2473 (The WP-UserOnline plugin for WordPress is vulnerable to Stored 
Cross-S ...)
        NOT-FOR-US: WP-UserOnline plugin for WordPress
 CVE-2022-2472 (Improper Initialization vulnerability in the local server 
component of ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bea25a41bf562e9a28d462b6aecc1c2776c4a79

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bea25a41bf562e9a28d462b6aecc1c2776c4a79
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to