[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Apr 15 12:36:43 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19c48724 by Salvatore Bonaccorso at 2022-04-15T13:34:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2340,7 +2340,7 @@ CVE-2022-28346 (An issue was discovered in Django 2.2 before 2.2.28, 3.2 before
 	NOTE: https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48 (3.2.13)
 	NOTE: https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d (2.2.28)
 CVE-2022-28345 (The Signal app before 5.34 for iOS allows URI spoofing via RTLO inject ...)
-	TODO: check
+	NOT-FOR-US: Signal app on iOS
 CVE-2022-28344
 	RESERVED
 CVE-2022-28343
@@ -3419,7 +3419,7 @@ CVE-2022-28054
 CVE-2022-28053
 	RESERVED
 CVE-2022-28052 (Directory Traversal vulnerability in file cn/roothub/store/FileSystemS ...)
-	TODO: check
+	NOT-FOR-US: Roothub
 CVE-2022-28051
 	RESERVED
 CVE-2022-28050
@@ -3993,7 +3993,7 @@ CVE-2018-25032 (zlib before 1.2.12 allows memory corruption when deflating (i.e.
 	NOTE: https://www.openwall.com/lists/oss-security/2022/03/27/1
 	NOTE: https://www.openwall.com/lists/oss-security/2022/03/28/1
 CVE-2022-27843 (DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 all ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2022-27842 (DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22 ...)
 	NOT-FOR-US: Samsung
 CVE-2022-27841 (Improper exception handling in Samsung Pass prior to version 3.7.07.5  ...)
@@ -4814,13 +4814,13 @@ CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file u
 CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at /admin/goods/update in N ...)
 	NOT-FOR-US: Newbee-Mall
 CVE-2022-27475 (Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-syste ...)
-	TODO: check
+	NOT-FOR-US: tramyardg hotel-mgmt-system
 CVE-2022-27474
 	RESERVED
 CVE-2022-27473 (SQL injection vulnerability in Topics Searching feature of Roothub 2.6 ...)
-	TODO: check
+	NOT-FOR-US: Roothub
 CVE-2022-27472 (SQL injection vulnerability in Topics Counting feature of Roothub 2.6. ...)
-	TODO: check
+	NOT-FOR-US: Roothub
 CVE-2022-27471
 	RESERVED
 CVE-2022-27470



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19c48724b30ce5df51720f1bded6b21e93bc371e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19c48724b30ce5df51720f1bded6b21e93bc371e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220415/eabfd17c/attachment.htm>
