[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 31 Mar 2022 13:18:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
26a6ddf5 by Salvatore Bonaccorso at 2022-03-31T22:18:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -239,7 +239,7 @@ CVE-2022-28225
 CVE-2022-28224
        RESERVED
 CVE-2022-1191 (SSRF on index.php/cobrowse/proxycss/ in GitHub repository 
livehelperch ...)
-       TODO: check
+       NOT-FOR-US: livehelperchat
 CVE-2022-1190
        RESERVED
 CVE-2022-1189
@@ -277,7 +277,7 @@ CVE-2022-1178 (Stored Cross Site Scripting in GitHub 
repository openemr/openemr
 CVE-2022-1177 (Accounting User Can Download Patient Reports in openemr in 
GitHub repo ...)
        NOT-FOR-US: OpenEMR
 CVE-2022-1176 (Loose comparison causes IDOR on multiple endpoints in GitHub 
repositor ...)
-       TODO: check
+       NOT-FOR-US: livehelperchat
 CVE-2022-1175
        RESERVED
 CVE-2022-1174
@@ -645,11 +645,11 @@ CVE-2021-46743 (In Firebase PHP-JWT before 6.0.0, an 
algorithm-confusion issue (
 CVE-2020-36521
        RESERVED
 CVE-2022-28128 (Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 
and ear ...)
-       TODO: check
+       NOT-FOR-US: AttacheCase
 CVE-2022-27496 (Cross-site scripting vulnerability in Zero-channel BBS Plus 
v0.7.4 and ...)
-       TODO: check
+       NOT-FOR-US: Zero-channel BBS Plus
 CVE-2022-25348 (Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 
and ear ...)
-       TODO: check
+       NOT-FOR-US: AttacheCase
 CVE-2022-1122 (A flaw was found in the opj2_decompress program in openjpeg2 
2.4.0 in  ...)
        - openjpeg2 <unfixed>
        NOTE: https://github.com/uclouvain/openjpeg/issues/1368



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26a6ddf5e92b9f810ecd6bd057b85444fb12675c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26a6ddf5e92b9f810ecd6bd057b85444fb12675c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to