[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 03 Jan 2023 13:14:33 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f73bd13b by Salvatore Bonaccorso at 2023-01-03T22:13:56+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17111,7 +17111,7 @@ CVE-2022-3706 (Improper authorization in GitLab CE/EE 
affecting all versions fro
 CVE-2022-43932
        RESERVED
 CVE-2022-43931 (Out-of-bounds write vulnerability in Remote Desktop 
Functionality in S ...)
-       TODO: check
+       NOT-FOR-US: Synology VPN Plus Server
 CVE-2022-43930
        RESERVED
 CVE-2022-43929
@@ -18143,13 +18143,13 @@ CVE-2022-43524
 CVE-2022-43523
        RESERVED
 CVE-2022-43522 (Multiple vulnerabilities in the web-based management interface 
of Arub ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-43521 (Multiple vulnerabilities in the web-based management interface 
of Arub ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-43520 (Multiple vulnerabilities in the web-based management interface 
of Arub ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-43519 (Multiple vulnerabilities in the web-based management interface 
of Arub ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2022-43518 (An authenticated path traversal vulnerability exists in the 
Aruba Edge ...)
        NOT-FOR-US: Aruba
 CVE-2022-43517 (A vulnerability has been identified in Simcenter STAR-CCM+ 
(All versio ...)
@@ -18211,11 +18211,11 @@ CVE-2022-43441
 CVE-2022-43439 (A vulnerability has been identified in POWER METER SICAM Q100 
(All ver ...)
        NOT-FOR-US: Siemens
 CVE-2022-43438 (The Administrator function of EasyTest has an Incorrect 
Authorization  ...)
-       TODO: check
+       NOT-FOR-US: EasyTest
 CVE-2022-43437 (The Download function’s parameter of EasyTest has 
insufficient v ...)
-       TODO: check
+       NOT-FOR-US: EasyTest
 CVE-2022-43436 (The File Upload function of EasyTest has insufficient 
filtering for sp ...)
-       TODO: check
+       NOT-FOR-US: EasyTest
 CVE-2022-42888 (Unauth. Privilege Escalation vulnerability in ARMember premium 
plugin  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-42884
@@ -18447,7 +18447,7 @@ CVE-2022-3616 (Attackers can create long chains of CAs 
that would lead to OctoRP
 CVE-2022-3615
        RESERVED
 CVE-2022-3614 (In affected versions of Octopus Deploy users of certain 
browsers using ...)
-       TODO: check
+       NOT-FOR-US: Octopus Deploy
 CVE-2022-3613
        RESERVED
 CVE-2022-3612
@@ -20199,7 +20199,7 @@ CVE-2022-40221
 CVE-2022-3461 (In PHOENIX CONTACT Automationworx Software Suite up to version 
1.89 ma ...)
        NOT-FOR-US: PHOENIX
 CVE-2022-3460 (In affected versions of Octopus Deploy it is possible for 
certain type ...)
-       TODO: check
+       NOT-FOR-US: Octopus Deploy
 CVE-2022-3459
        RESERVED
 CVE-2022-3458 (A vulnerability has been found in SourceCodester Human Resource 
Manage ...)
@@ -21127,7 +21127,7 @@ CVE-2022-42477
 CVE-2022-42476
        RESERVED
 CVE-2022-42475 (A heap-based buffer overflow vulnerability [CWE-122] in 
FortiOS SSL-VP ...)
-       TODO: check
+       NOT-FOR-US: FortiOS SSL-VPN
 CVE-2022-42474
        RESERVED
 CVE-2022-42473 (A missing authentication for a critical function vulnerability 
in Fort ...)
@@ -21135,7 +21135,7 @@ CVE-2022-42473 (A missing authentication for a critical 
function vulnerability i
 CVE-2022-42472
        RESERVED
 CVE-2022-42471 (An improper neutralization of CRLF sequences in HTTP headers 
('HTTP Re ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2022-42470
        RESERVED
 CVE-2022-42469
@@ -24179,7 +24179,7 @@ CVE-2022-3293 (Email addresses were leaked in WebHook 
logs in GitLab EE affectin
 CVE-2022-3292 (Use of Cache Containing Sensitive Information in GitHub 
repository iku ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-41336 (An improper neutralization of input during web page generation 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2022-41335
        RESERVED
 CVE-2022-41334



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f73bd13b3520c2920b14aa6aed8af8f0f2386485

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f73bd13b3520c2920b14aa6aed8af8f0f2386485
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to