[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 12 Jul 2022 13:28:46 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2875fe1c by Salvatore Bonaccorso at 2022-07-12T22:28:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -668,9 +668,9 @@ CVE-2022-2366 (Incorrect default configuration for trusted 
IP header in Mattermo
 CVE-2022-2365 (Cross-site Scripting (XSS) - Stored in GitHub repository 
zadam/trilium ...)
        TODO: check
 CVE-2022-2364 (A vulnerability, which was classified as problematic, was found 
in Sou ...)
-       TODO: check
+       NOT-FOR-US: Simple Parking Management System
 CVE-2022-2363 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Simple Parking Management System
 CVE-2022-2362
        RESERVED
 CVE-2022-2361
@@ -1821,9 +1821,9 @@ CVE-2022-2300 (Cross-site Scripting (XSS) - Stored in 
GitHub repository microweb
 CVE-2022-2299
        RESERVED
 CVE-2022-2298 (A vulnerability has been found in SourceCodester Clinics 
Patient Manag ...)
-       TODO: check
+       NOT-FOR-US: Clinics Patient Management System
 CVE-2022-2297 (A vulnerability, which was classified as critical, was found in 
Source ...)
-       TODO: check
+       NOT-FOR-US: Clinics Patient Management System
 CVE-2022-2296
        RESERVED
        {DSA-5180-1}
@@ -1843,11 +1843,11 @@ CVE-2022-2294
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-2293 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
-       TODO: check
+       NOT-FOR-US: Simple Sales Management System
 CVE-2022-2292 (A vulnerability classified as problematic has been found in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: Hotel Management System
 CVE-2022-2291 (A vulnerability was found in SourceCodester Hotel Management 
System 2. ...)
-       TODO: check
+       NOT-FOR-US: Hotel Management System
 CVE-2022-34915
        RESERVED
 CVE-2022-34914 (Webswing before 22.1.3 allows X-Forwarded-For header 
injection. The cl ...)
@@ -2124,9 +2124,9 @@ CVE-2022-2264 (Heap-based Buffer Overflow in GitHub 
repository vim/vim prior to
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05 
(v9.0.0011)
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-2263 (A vulnerability was found in Online Hotel Booking System 1.0 
and class ...)
-       TODO: check
+       NOT-FOR-US: Online Hotel Booking System
 CVE-2022-2262 (A vulnerability has been found in Online Hotel Booking System 
1.0 and  ...)
-       TODO: check
+       NOT-FOR-US: Online Hotel Booking System
 CVE-2022-2261
        RESERVED
 CVE-2022-2260
@@ -2177,11 +2177,11 @@ CVE-2022-2256
 CVE-2022-2255
        RESERVED
 CVE-2022-34821 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 
(All versi ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34820 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 
(All versi ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34819 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 
(All versi ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34818 (Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does 
not perfo ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2022-34817 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
Failed Jo ...)
@@ -2347,7 +2347,7 @@ CVE-2022-34750 (An issue was discovered in MediaWiki 
through 1.38.1. The lemma l
 CVE-2022-34749
        RESERVED
 CVE-2022-34748 (A vulnerability has been identified in Simcenter Femap (All 
versions & ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34747
        RESERVED
 CVE-2022-34746
@@ -2598,7 +2598,7 @@ CVE-2022-34665
 CVE-2022-34664
        RESERVED
 CVE-2022-34663 (A vulnerability has been identified in RUGGEDCOM ROS M2100 
(All versio ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34662
        RESERVED
 CVE-2022-34661
@@ -3207,13 +3207,13 @@ CVE-2022-34468
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/#CVE-2022-34468
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-34468
 CVE-2022-34467 (A vulnerability has been identified in Mendix Excel Importer 
Module (M ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34466 (A vulnerability has been identified in Mendix Applications 
using Mendi ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34465 (A vulnerability has been identified in Parasolid V33.1 (All 
versions), ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34464 (A vulnerability has been identified in SICAM GridEdge 
Essential ARM (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-2198
        RESERVED
 CVE-2022-2197 (By using a specific credential string, an attacker with network 
access ...)
@@ -3624,45 +3624,45 @@ CVE-2022-34293
 CVE-2022-34292
        RESERVED
 CVE-2022-34291 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34290 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34289 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34288 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34287 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34286 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34285 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34284 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34283 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34282 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34281 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34280 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34279 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34278 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34277 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34276 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34275 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34274 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34273 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34272 (A vulnerability has been identified in PADS Standard/Plus 
Viewer (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-34271
        RESERVED
 CVE-2022-2180
@@ -5195,7 +5195,7 @@ CVE-2022-33738 (OpenVPN Access Server before 2.11 uses a 
weak random generator u
 CVE-2022-33737 (The OpenVPN Access Server installer creates a log file 
readable for ev ...)
        NOT-FOR-US: OpenVPN Access Server
 CVE-2022-33736 (A vulnerability has been identified in Opcenter Quality V13.1 
(All ver ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-33202 (Authentication bypass vulnerability in the setup screen of 
L2Blocker(o ...)
        NOT-FOR-US: L2Blocker
 CVE-2022-2088 (An authenticated user with admin privileges may be able to 
terminate a ...)
@@ -6419,9 +6419,9 @@ CVE-2022-33140 (The optional ShellUserGroupProvider in 
Apache NiFi 1.10.0 to 1.1
 CVE-2022-33139 (A vulnerability has been identified in SIMATIC WinCC OA V3.16 
(All ver ...)
        NOT-FOR-US: Siemens
 CVE-2022-33138 (A vulnerability has been identified in SIMATIC MV540 H (All 
versions & ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-33137 (A vulnerability has been identified in SIMATIC MV540 H (All 
versions & ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-33136
        RESERVED
 CVE-2022-33135



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2875fe1c7b54a825b7522252056121293781b96f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2875fe1c7b54a825b7522252056121293781b96f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to