[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 16 Jun 2022 23:58:58 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1ffe7d5b by Salvatore Bonaccorso at 2022-06-17T08:58:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4025,19 +4025,19 @@ CVE-2022-1963
 CVE-2021-4233
        RESERVED
 CVE-2022-32158 (Splunk Enterprise deployment servers in versions before 9.0 
let client ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise deployment servers
 CVE-2022-32157 (Splunk Enterprise deployment servers in versions before 9.0 
allow unau ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise deployment servers
 CVE-2022-32156 (In Splunk Enterprise and Universal Forwarder versions before 
9.0, the  ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise and Universal Forwarder
 CVE-2022-32155 (In universal forwarder versions before 9.0, management 
services are av ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise and Universal Forwarder
 CVE-2022-32154 (Dashboards in Splunk Enterprise versions before 9.0 might let 
an attac ...)
-       TODO: check
+       NOT-FOR-US: Dashboards in Splunk Enterprise
 CVE-2022-32153 (Splunk Enterprise peers in Splunk Enterprise versions before 
9.0 and S ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise
 CVE-2022-32152 (Splunk Enterprise peers in Splunk Enterprise versions before 
9.0 and S ...)
-       TODO: check
+       NOT-FOR-US: Splunk Enterprise
 CVE-2022-32151 (The httplib and urllib Python libraries that Splunk shipped 
with Splun ...)
        TODO: check
 CVE-2022-32150
@@ -6927,7 +6927,7 @@ CVE-2022-31068
 CVE-2022-31067
        RESERVED
 CVE-2022-31066 (EdgeX Foundry is an open source project for building a common 
open fra ...)
-       TODO: check
+       NOT-FOR-US: EdgeX Foundry
 CVE-2022-31065
        RESERVED
 CVE-2022-31064
@@ -8077,53 +8077,53 @@ CVE-2022-30672
 CVE-2022-30671
        RESERVED
 CVE-2022-30670 (RoboHelp Server earlier versions than RHS 11 Update 3 are 
affected by  ...)
-       TODO: check
+       NOT-FOR-US: RoboHelp Server
 CVE-2022-30669 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30668 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30667 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30666 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30665 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30664 (Adobe Animate version 22.0.5 (and earlier) is affected by an 
out-of-bo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30663 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30662 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30661 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30660 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30659 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30658 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and 
earlier)  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30657 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30656 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30655 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30654 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30653 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30652 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30651 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30650 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and 
earlier) are  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30649 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30648 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30647 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 
(and earlie ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2022-30646
        RESERVED
 CVE-2022-30645
@@ -8247,19 +8247,19 @@ CVE-2022-30608
 CVE-2022-30607
        RESERVED
 CVE-2022-30546 (Out-of-bounds read vulnerability exists in the simulator 
module contai ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-30538 (Out-of-bounds write vulnerability exists in the simulator 
module conta ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-29925 (Access of uninitialized pointer vulnerability exists in the 
simulator  ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-29522 (Use after free vulnerability exists in the simulator module 
contained  ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-29482 ('Mobaoku-Auction&amp;Flea Market' App for iOS versions prior 
to 5.5.16 ...)
        NOT-FOR-US: 'Mobaoku-Auction&Flea Market' App for iOS
 CVE-2022-27231 (Cross-site scripting vulnerability exists in WP Statistics 
versions pr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-26302 (Heap-based buffer overflow exists in the simulator module 
contained in ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric V-SFT
 CVE-2022-1699 (Uncontrolled Resource Consumption in GitHub repository 
causefx/organiz ...)
        NOT-FOR-US: organizr
 CVE-2022-1698 (Allowing long password leads to denial of service in GitHub 
repository ...)
@@ -9576,7 +9576,7 @@ CVE-2022-30195
 CVE-2022-30194
        RESERVED
 CVE-2022-30193 (AV1 Video Extension Remote Code Execution Vulnerability. This 
CVE ID i ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30192
        RESERVED
 CVE-2022-30191
@@ -9584,9 +9584,9 @@ CVE-2022-30191
 CVE-2022-30190 (Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code 
Execution ...)
        NOT-FOR-US: Microsoft
 CVE-2022-30189 (Windows Autopilot Device Management and Enrollment Client 
Spoofing Vul ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30188 (HEVC Video Extensions Remote Code Execution Vulnerability. 
This CVE ID ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30187
        RESERVED
 CVE-2022-30186
@@ -9602,105 +9602,105 @@ CVE-2022-30182
 CVE-2022-30181
        RESERVED
 CVE-2022-30180 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30179 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. 
This CVE I ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30178 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. 
This CVE I ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30177 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. 
This CVE I ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30176
        RESERVED
 CVE-2022-30175
        RESERVED
 CVE-2022-30174 (Microsoft Office Remote Code Execution Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30173 (Microsoft Excel Remote Code Execution Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30172 (Microsoft Office Information Disclosure Vulnerability. This 
CVE ID is  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30171 (Microsoft Office Information Disclosure Vulnerability. This 
CVE ID is  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30170
        RESERVED
 CVE-2022-30169
        RESERVED
 CVE-2022-30168 (Microsoft Photos App Remote Code Execution Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30167 (AV1 Video Extension Remote Code Execution Vulnerability. This 
CVE ID i ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30166 (Local Security Authority Subsystem Service Elevation of 
Privilege Vuln ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30165 (Windows Kerberos Elevation of Privilege Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30164 (Kerberos AppContainer Security Feature Bypass Vulnerability. 
...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30163 (Windows Hyper-V Remote Code Execution Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30162 (Windows Kernel Information Disclosure Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30161 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30160 (Windows Advanced Local Procedure Call Elevation of Privilege 
Vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30159 (Microsoft Office Information Disclosure Vulnerability. This 
CVE ID is  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30158 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30157 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability. This  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30156
        RESERVED
 CVE-2022-30155 (Windows Kernel Denial of Service Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30154 (Microsoft File Server Shadow Copy Agent Service (RVSS) 
Elevation of Pr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30153 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30152 (Windows Network Address Translation (NAT) Denial of Service 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30151 (Windows Ancillary Function Driver for WinSock Elevation of 
Privilege V ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30150 (Windows Defender Remote Credential Guard Elevation of 
Privilege Vulner ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30149 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30148 (Windows Desired State Configuration (DSC) Information 
Disclosure Vulne ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30147 (Windows Installer Elevation of Privilege Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30146 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30145 (Windows Encrypting File System (EFS) Remote Code Execution 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30144
        RESERVED
 CVE-2022-30143 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30142 (Windows File History Remote Code Execution Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30141 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30140 (Windows iSCSI Discovery Service Remote Code Execution 
Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30139 (Windows Lightweight Directory Access Protocol (LDAP) Remote 
Code Execu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30138 (Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE I ...)
        NOT-FOR-US: Microsoft
 CVE-2022-30137 (Azure Service Fabric Container Elevation of Privilege 
Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30136 (Windows Network File System Remote Code Execution 
Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30135 (Windows Media Center Elevation of Privilege Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30134
        RESERVED
 CVE-2022-30133
        RESERVED
 CVE-2022-30132 (Windows Container Manager Service Elevation of Privilege 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30131 (Windows Container Isolation FS Filter Driver Elevation of 
Privilege Vu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2022-30130 (.NET Framework Denial of Service Vulnerability. ...)
        NOT-FOR-US: Microsoft
 CVE-2022-30129 (Visual Studio Code Remote Code Execution Vulnerability. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ffe7d5b4197475b1bc41f17e996ed50e7629ea1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ffe7d5b4197475b1bc41f17e996ed50e7629ea1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to