[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 25 11:00:08 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb607132 by Salvatore Bonaccorso at 2022-04-25T11:59:36+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -407,7 +407,7 @@ CVE-2022-1447
 CVE-2022-1446
 	RESERVED
 CVE-2022-1445 (Stored Cross Site Scripting vulnerability in the checked_out_to parame ...)
-	TODO: check
+	NOT-FOR-US: snipe-it
 CVE-2022-1444 (heap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...)
 	- radare2 <unfixed>
 	NOTE: https://huntr.dev/bounties/b438a940-f8a4-4872-b030-59bdd1ab72aa
@@ -458,7 +458,7 @@ CVE-2022-29580
 CVE-2022-29579
 	RESERVED
 CVE-2022-1440 (Command Injection vulnerability in git-interface at 2.1.1 in GitHub repos ...)
-	TODO: check
+	NOT-FOR-US: git-interface Nodejs module
 CVE-2022-1439 (Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository ...)
 	NOT-FOR-US: microweber
 CVE-2022-1438
@@ -6129,7 +6129,7 @@ CVE-2022-27480 (A vulnerability has been identified in SICAM A8000 CP-8031 (All
 CVE-2022-27479 (Apache Superset before 1.4.2 is vulnerable to SQL injection in chart d ...)
 	NOT-FOR-US: Apache Superset
 CVE-2022-27478 (Victor v1.0 was discovered to contain a remote code execution (RCE) vu ...)
-	TODO: check
+	NOT-FOR-US: Victor CMS
 CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload  ...)
 	NOT-FOR-US: Newbee-Mall
 CVE-2022-27476 (A cross-site scripting (XSS) vulnerability at /admin/goods/update in N ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6071329aaf30bfd8544628570069d14542e862

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6071329aaf30bfd8544628570069d14542e862
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220425/bd3017c8/attachment.htm>

More information about the debian-security-tracker-commits mailing list