[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
012fbc94 by Salvatore Bonaccorso at 2022-12-27T21:24:52+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65,13 +65,13 @@ CVE-2023-22277
 CVE-2023-0026
        RESERVED
 CVE-2022-47968 (Heimdall Application Dashboard through 2.5.4 allows reflected 
XSS via  ...)
-       TODO: check
+       NOT-FOR-US: Heimdall Application Dashboard
 CVE-2022-47967
        RESERVED
 CVE-2022-4767 (Denial of Service in GitHub repository usememos/memos prior to 
0.9.1. ...)
-       TODO: check
+       NOT-FOR-US: usememos
 CVE-2022-4766 (A vulnerability was found in dolibarr_project_timesheet up to 
4.5.5. I ...)
-       TODO: check
+       NOT-FOR-US: dolibarr_project_timesheet
 CVE-2022-4765
        RESERVED
 CVE-2022-4764
@@ -111,31 +111,31 @@ CVE-2022-4748 (A vulnerability was found in FlatPress. It 
has been classified as
 CVE-2022-4747
        RESERVED
 CVE-2021-4289 (A vulnerability classified as problematic was found in OpenMRS 
openmrs ...)
-       TODO: check
+       NOT-FOR-US: OpenMRS
 CVE-2021-4288 (A vulnerability was found in OpenMRS 
openmrs-module-referenceapplicati ...)
-       TODO: check
+       NOT-FOR-US: OpenMRS
 CVE-2021-4287 (A vulnerability, which was classified as problematic, was found 
in ReF ...)
        TODO: check
 CVE-2021-4286 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: cocagne pysrp
 CVE-2021-4285 (A vulnerability classified as problematic was found in Nagios 
NCPA. Th ...)
        TODO: check
 CVE-2021-4284 (A vulnerability classified as problematic has been found in 
OpenMRS HT ...)
-       TODO: check
+       NOT-FOR-US: OpenMRS
 CVE-2021-4283 (A vulnerability was found in FreeBPX voicemail. It has been 
rated as p ...)
-       TODO: check
+       NOT-FOR-US: FreeBPX voicemail
 CVE-2021-4282 (A vulnerability was found in FreePBX voicemail. It has been 
declared a ...)
-       TODO: check
+       NOT-FOR-US: FreePBX voicemail
 CVE-2020-36634 (A vulnerability classified as problematic has been found in 
Indeed Eng ...)
-       TODO: check
+       NOT-FOR-US: Indeed Engineering util
 CVE-2020-36633 (A vulnerability was found in moodle-block_sitenews 1.0. It has 
been cl ...)
-       TODO: check
+       NOT-FOR-US: moodle-block_sitenews
 CVE-2019-25090 (A vulnerability was found in FreePBX arimanager up to 13.0.5.3 
and cla ...)
-       TODO: check
+       NOT-FOR-US: FreePBX arimanager
 CVE-2019-25089 (A vulnerability has been found in Morgawr Muon 0.1.1 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: Morgawr Muon
 CVE-2019-25088 (A vulnerability was found in ytti Oxidized Web. It has been 
classified ...)
-       TODO: check
+       NOT-FOR-US: ytti Oxidized Web
 CVE-2019-25087 (A vulnerability was found in RamseyK httpserver. It has been 
rated as  ...)
        TODO: check
 CVE-2019-25086 (A vulnerability was found in IET-OU Open Media Player up to 
1.5.0. It  ...)
@@ -8876,29 +8876,29 @@ CVE-2022-3996 (If an X.509 certificate contains a 
malformed policy constraint an
 CVE-2022-45435
        RESERVED
 CVE-2022-45434 (Some Dahua software products have a vulnerability of 
unauthenticated u ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45433 (Some Dahua software products have a vulnerability of 
unauthenticated t ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45432 (Some Dahua software products have a vulnerability of 
unauthenticated s ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45431 (Some Dahua software products have a vulnerability of 
unauthenticated r ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45430 (Some Dahua software products have a vulnerability of 
unauthenticated e ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45429 (Some Dahua software products have a vulnerability of 
server-side reque ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45428 (Some Dahua software products have a vulnerability of sensitive 
informa ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45427 (Some Dahua software products have a vulnerability of 
unrestricted uplo ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45426 (Some Dahua software products have a vulnerability of 
unrestricted down ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45425 (Some Dahua software products have a vulnerability of using of 
hard-cod ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45424 (Some Dahua software products have a vulnerability of 
unauthenticated r ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45423 (Some Dahua software products have a vulnerability of 
unauthenticated r ...)
-       TODO: check
+       NOT-FOR-US: Dahua
 CVE-2022-45422 (When LG SmartShare is installed, local privilege escalation is 
possibl ...)
        NOT-FOR-US: LG
 CVE-2022-45122 (Cross-site scripting vulnerability in Movable Type Movable 
Type 7 r.53 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/012fbc94e50a17d9ce9dab67d5148f84bd64e76b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/012fbc94e50a17d9ce9dab67d5148f84bd64e76b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits