[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 25 Nov 2022 00:41:37 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
62917c4e by Salvatore Bonaccorso at 2022-11-25T09:41:06+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17515,7 +17515,7 @@ CVE-2022-40284 (A buffer overflow was discovered in 
NTFS-3G before 2022.10.3. Cr
 CVE-2022-40283
        RESERVED
 CVE-2022-40282 (The web server of Hirschmann BAT-C2 before 09.13.01.00R04 
allows authe ...)
-       TODO: check
+       NOT-FOR-US: Hirschmann BAT-C2
 CVE-2022-40281 (An issue was discovered in Samsung TizenRT through 3.0_GBM 
(and 3.1_PR ...)
        NOT-FOR-US: Samsung TizenRT
 CVE-2022-40280 (An issue was discovered in Samsung TizenRT through 3.0_GBM 
(and 3.1_PR ...)
@@ -24068,7 +24068,7 @@ CVE-2022-2723 (A vulnerability was found in 
SourceCodester Employee Management S
 CVE-2022-2722 (A vulnerability was found in SourceCodester Simple Student 
Information ...)
        NOT-FOR-US: SourceCodester Simple Student Information System
 CVE-2022-2721 (In affected versions of Octopus Server it is possible for 
target disco ...)
-       TODO: check
+       NOT-FOR-US: Octopus Server
 CVE-2022-2720 (In affected versions of Octopus Server it was identified that 
when a s ...)
        NOT-FOR-US: Octopus Server
 CVE-2021-46833
@@ -28622,7 +28622,7 @@ CVE-2022-36135
 CVE-2022-36134
        RESERVED
 CVE-2022-36133 (The WebConfig functionality of Epson TM-C3500 and TM-C7500 
devices wit ...)
-       TODO: check
+       NOT-FOR-US: Epson
 CVE-2022-36132
        RESERVED
 CVE-2022-36131 (The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is 
prone to s ...)
@@ -46273,23 +46273,23 @@ CVE-2022-29835 (WD Discovery software executable 
files were signed with an unsaf
 CVE-2022-29834 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        NOT-FOR-US: ICONICS
 CVE-2022-29833 (Insufficiently Protected Credentials vulnerability in 
Mitsubishi Elect ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29832 (Cleartext Storage of Sensitive Information in Memory 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29831 (Use of Hard-coded Password vulnerability in Mitsubishi 
Electric Corpor ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29830 (Use of Hard-coded Cryptographic Key vulnerability in 
Mitsubishi Electr ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29829 (Use of Hard-coded Cryptographic Key vulnerability in 
Mitsubishi Electr ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29828 (Use of Hard-coded Cryptographic Key vulnerability in 
Mitsubishi Electr ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29827 (Use of Hard-coded Cryptographic Key vulnerability in 
Mitsubishi Electr ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29826 (Cleartext Storage of Sensitive Information vulnerability in 
Mitsubishi ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29825 (Use of Hard-coded Password vulnerability in Mitsubishi 
Electric GX Wor ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-29824 (In libxml2 before 2.9.14, several buffer handling functions in 
buf.c ( ...)
        {DSA-5142-1 DLA-3012-1}
        - libxml2 2.9.14+dfsg-1 (bug #1010526)
@@ -59897,7 +59897,7 @@ CVE-2022-25166 (An issue was discovered in Amazon AWS 
VPN Client 2.0.0. It is po
 CVE-2022-25165 (An issue was discovered in Amazon AWS VPN Client 2.0.0. A 
TOCTOU race  ...)
        NOT-FOR-US: Amazon AWS VPN Client
 CVE-2022-25164 (Cleartext Storage of Sensitive Information vulnerability in 
Mitsubishi ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2022-25163 (Improper Input Validation vulnerability in Mitsubishi Electric 
MELSEC- ...)
        NOT-FOR-US: Mitsubishi
 CVE-2022-25162 (Improper Input Validation vulnerability in Mitsubishi Electric 
MELSEC  ...)
@@ -66912,7 +66912,7 @@ CVE-2022-0224 (dolibarr is vulnerable to Improper 
Neutralization of Special Elem
 CVE-2022-0223
        RESERVED
 CVE-2022-0222 (A CWE-269: Improper Privilege Management vulnerability exists 
that cou ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2022-0221 (A CWE-611: Improper Restriction of XML External Entity 
Reference vulne ...)
        NOT-FOR-US: Schneider Electric
 CVE-2022-0220 (The check_privacy_settings AJAX action of the WordPress GDPR 
WordPress ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62917c4e14a59bc12aa9e9abddc45a9b15cbd623

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62917c4e14a59bc12aa9e9abddc45a9b15cbd623
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to