[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
99b94bf9 by Salvatore Bonaccorso at 2022-12-22T21:22:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-0022
 CVE-2023-0021
        RESERVED
 CVE-2022-47926 (AyaCMS 3.1.2 is vulnerable to file deletion via 
/aya/module/admin/fst_ ...)
-       TODO: check
+       NOT-FOR-US: AyaCMS
 CVE-2022-4663
        RESERVED
 CVE-2022-4662
@@ -6642,9 +6642,9 @@ CVE-2022-46104
 CVE-2022-46103
        RESERVED
 CVE-2022-46102 (AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via 
/aya/module/ad ...)
-       TODO: check
+       NOT-FOR-US: AyaCMS
 CVE-2022-46101 (AyaCMS v3.1.2 was found to have a code flaw in the 
ust_sql.inc.php fil ...)
-       TODO: check
+       NOT-FOR-US: AyaCMS
 CVE-2022-46100
        RESERVED
 CVE-2022-46099
@@ -6914,7 +6914,7 @@ CVE-2022-45968 (Alist v3.4.0 is vulnerable to File 
Upload. A user with only file
 CVE-2022-45967
        RESERVED
 CVE-2022-45966 (here is an arbitrary file upload vulnerability in the file 
management  ...)
-       TODO: check
+       NOT-FOR-US: Classcms
 CVE-2022-45965
        RESERVED
 CVE-2022-45964
@@ -12247,7 +12247,7 @@ CVE-2022-44512
 CVE-2022-44511
        RESERVED
 CVE-2022-44510 (Adobe Experience Manager version 6.5.14 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-44509
        RESERVED
 CVE-2022-44508
@@ -29228,13 +29228,13 @@ CVE-2022-38660 (HCL XPages applications are 
susceptible to a Cross Site Request
 CVE-2022-38659 (In specific scenarios, on Windows the operator credentials may 
be encr ...)
        NOT-FOR-US: HCL
 CVE-2022-38658 (BigFix deployments that have installed the Notification 
Service on Win ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2022-38657
        RESERVED
 CVE-2022-38656 (HCL Commerce, when using Elasticsearch, can allow a remote 
attacker to ...)
        NOT-FOR-US: HCL
 CVE-2022-38655 (BigFix WebUI non-master operators are missing controls that 
prevent th ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2022-38654 (HCL Domino is susceptible to an information disclosure 
vulnerability.  ...)
        NOT-FOR-US: HCL
 CVE-2022-38653 (In HCL Digital Experience, customized XSS payload can be 
constructed s ...)
@@ -29522,7 +29522,7 @@ CVE-2022-38548
 CVE-2022-38547
        RESERVED
 CVE-2022-38546 (A DNS misconfiguration was found in Zyxel NBG7510 firmware 
versions pr ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2022-38545 (Valine v1.4.18 was discovered to contain a remote code 
execution (RCE) ...)
        NOT-FOR-US: Valine
 CVE-2022-38544



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99b94bf90d3f04e57ea5ec995a2d7b3f3b28f56a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99b94bf90d3f04e57ea5ec995a2d7b3f3b28f56a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits