[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 15 Apr 2022 04:36:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
19c48724 by Salvatore Bonaccorso at 2022-04-15T13:34:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2340,7 +2340,7 @@ CVE-2022-28346 (An issue was discovered in Django 2.2 
before 2.2.28, 3.2 before
        NOTE: 
https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48
 (3.2.13)
        NOTE: 
https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d
 (2.2.28)
 CVE-2022-28345 (The Signal app before 5.34 for iOS allows URI spoofing via 
RTLO inject ...)
-       TODO: check
+       NOT-FOR-US: Signal app on iOS
 CVE-2022-28344
        RESERVED
 CVE-2022-28343
@@ -3419,7 +3419,7 @@ CVE-2022-28054
 CVE-2022-28053
        RESERVED
 CVE-2022-28052 (Directory Traversal vulnerability in file 
cn/roothub/store/FileSystemS ...)
-       TODO: check
+       NOT-FOR-US: Roothub
 CVE-2022-28051
        RESERVED
 CVE-2022-28050
@@ -3993,7 +3993,7 @@ CVE-2018-25032 (zlib before 1.2.12 allows memory 
corruption when deflating (i.e.
        NOTE: https://www.openwall.com/lists/oss-security/2022/03/27/1
        NOTE: https://www.openwall.com/lists/oss-security/2022/03/28/1
 CVE-2022-27843 (DLL hijacking vulnerability in Kies prior to version 
2.6.4.22014_2 all ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2022-27842 (DLL hijacking vulnerability in Smart Switch PC prior to 
version 4.2.22 ...)
        NOT-FOR-US: Samsung
 CVE-2022-27841 (Improper exception handling in Samsung Pass prior to version 
3.7.07.5  ...)
@@ -4814,13 +4814,13 @@ CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to 
contain an arbitrary file u
 CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at 
/admin/goods/update in N ...)
        NOT-FOR-US: Newbee-Mall
 CVE-2022-27475 (Cross site scripting (XSS) vulnerability in tramyardg 
hotel-mgmt-syste ...)
-       TODO: check
+       NOT-FOR-US: tramyardg hotel-mgmt-system
 CVE-2022-27474
        RESERVED
 CVE-2022-27473 (SQL injection vulnerability in Topics Searching feature of 
Roothub 2.6 ...)
-       TODO: check
+       NOT-FOR-US: Roothub
 CVE-2022-27472 (SQL injection vulnerability in Topics Counting feature of 
Roothub 2.6. ...)
-       TODO: check
+       NOT-FOR-US: Roothub
 CVE-2022-27471
        RESERVED
 CVE-2022-27470



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19c48724b30ce5df51720f1bded6b21e93bc371e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19c48724b30ce5df51720f1bded6b21e93bc371e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to