From dd88829ac3a2a3d0bbeebbc79e4a3f624891a03b Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 21 Feb 2022 09:10:43 +0100 Subject: Process NFUs --- data/CVE/list.2022 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index c803b4ee25..cf044f172b 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -693,7 +693,7 @@ CVE-2022-XXXX [Arbitrary File Write Vulnerability ] CVE-2022-25299 (This affects the package cesanta/mongoose before 7.6. The unsafe handl ...) TODO: check CVE-2022-25298 (This affects the package sprinfall/webcc before 0.3.0. It is possible ...) - TODO: check + NOT-FOR-US: webcc CVE-2022-25297 RESERVED CVE-2022-25296 @@ -3435,7 +3435,7 @@ CVE-2022-0452 [buster] - chromium (see DSA 5046) [stretch] - chromium (see DSA 4562) CVE-2022-0451 (Dart SDK contains the HTTPClient in dart:io library whcih includes aut ...) - TODO: check + NOT-FOR-US: Dart SDK CVE-2022-0450 RESERVED CVE-2022-0449 @@ -4491,7 +4491,7 @@ CVE-2022-0354 CVE-2022-0353 RESERVED CVE-2022-23913 (In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker coul ...) - TODO: check + NOT-FOR-US: Apache ActiveMQ Artemis CVE-2022-23912 RESERVED CVE-2022-23911 @@ -4694,7 +4694,7 @@ CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. ... NOTE: Document best practices for security: https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa NOTE: loguru documents security considerations and best practices to follow CVE-2022-23848 (In Alluxio before 2.7.3, the logserver does not validate the input str ...) - TODO: check + NOT-FOR-US: Alluxio CVE-2022-23847 RESERVED CVE-2022-23846 @@ -5211,7 +5211,7 @@ CVE-2022-23652 CVE-2022-23651 RESERVED CVE-2022-23650 (Netmaker is a platform for creating and managing virtual overlay netwo ...) - TODO: check + NOT-FOR-US: Netmaker CVE-2022-23649 (Cosign provides container signing, verification, and storage in an OCI ...) NOT-FOR-US: Cosign CVE-2022-23648 -- cgit v1.2.3