[Git][security-tracker-team/security-tracker][master] Process NFUs

Mon, 25 Apr 2022 03:00:17 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb607132 by Salvatore Bonaccorso at 2022-04-25T11:59:36+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -407,7 +407,7 @@ CVE-2022-1447
 CVE-2022-1446
        RESERVED
 CVE-2022-1445 (Stored Cross Site Scripting vulnerability in the checked_out_to 
parame ...)
-       TODO: check
+       NOT-FOR-US: snipe-it
 CVE-2022-1444 (heap-use-after-free in GitHub repository radareorg/radare2 
prior to 5. ...)
        - radare2 <unfixed>
        NOTE: https://huntr.dev/bounties/b438a940-f8a4-4872-b030-59bdd1ab72aa
@@ -458,7 +458,7 @@ CVE-2022-29580
 CVE-2022-29579
        RESERVED
 CVE-2022-1440 (Command Injection vulnerability in [email protected] in 
GitHub repos ...)
-       TODO: check
+       NOT-FOR-US: git-interface Nodejs module
 CVE-2022-1439 (Reflected XSS on demo.microweber.org/demo/module/ in GitHub 
repository ...)
        NOT-FOR-US: microweber
 CVE-2022-1438
@@ -6129,7 +6129,7 @@ CVE-2022-27480 (A vulnerability has been identified in 
SICAM A8000 CP-8031 (All
 CVE-2022-27479 (Apache Superset before 1.4.2 is vulnerable to SQL injection in 
chart d ...)
        NOT-FOR-US: Apache Superset
 CVE-2022-27478 (Victor v1.0 was discovered to contain a remote code execution 
(RCE) vu ...)
-       TODO: check
+       NOT-FOR-US: Victor CMS
 CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file 
upload  ...)
        NOT-FOR-US: Newbee-Mall
 CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at 
/admin/goods/update in N ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6071329aaf30bfd8544628570069d14542e862

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6071329aaf30bfd8544628570069d14542e862
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to