[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Aug 2 10:08:10 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
472bbb5e by Moritz Muehlenhoff at 2022-08-02T11:07:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2022-37317
 CVE-2022-37316
 	RESERVED
 CVE-2022-37315 (graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion i ...)
-	TODO: check
+	NOT-FOR-US: graphql-go
 CVE-2022-37314
 	RESERVED
 CVE-2022-37313
@@ -3420,21 +3420,21 @@ CVE-2022-35924
 CVE-2022-35923
 	RESERVED
 CVE-2022-35922 (Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In ve ...)
-	TODO: check
+	NOT-FOR-US: Rust crate websocket
 CVE-2022-35921 (fof/byobu is a private discussions extension for Flarum forum. Affecte ...)
-	TODO: check
+	NOT-FOR-US: Sanicfof/byobu (different from src:byobu)
 CVE-2022-35920 (Sanic is an opensource python web server/framework. Affected versions  ...)
-	TODO: check
+	NOT-FOR-US: Sanic
 CVE-2022-35919 (MinIO is a High Performance Object Storage released under GNU Affero G ...)
 	TODO: check
 CVE-2022-35918 (Streamlit is a data oriented application development framework for pyt ...)
-	TODO: check
+	NOT-FOR-US: Streamlit
 CVE-2022-35917 (Solana Pay is a protocol and set of reference implementations that ena ...)
-	TODO: check
+	NOT-FOR-US: Solana Pay
 CVE-2022-35916 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
-	TODO: check
+	NOT-FOR-US: OpenZeppelin
 CVE-2022-35915 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
-	TODO: check
+	NOT-FOR-US: OpenZeppelin
 CVE-2022-35914
 	RESERVED
 CVE-2022-35913
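Review bot: The new note for CVE-2022-35921 reads "NOT-FOR-US: Sanicfof/byobu (different from src:byobu)", and the leading "Sanic" looks like a paste slip from the CVE-2022-35920 entry directly below it, whose note is "NOT-FOR-US: Sanic". The CVE description names the product as fof/byobu, so the line should read "NOT-FOR-US: fof/byobu (different from src:byobu)". As written, a search of the list for "fof/byobu" as a whole word, or a later cleanup that groups NFU entries by product name, will not match this entry. CVE-2022-35919 (MinIO) stays at "TODO: check" in the same hunk; worth confirming that it was left for separate triage rather than skipped.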
@@ -4604,9 +4604,9 @@ CVE-2022-35424
 CVE-2022-35423
 	RESERVED
 CVE-2022-35422 (Web Based Quiz System v1.0 was discovered to contain a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Web Based Quiz System
 CVE-2022-35421 (Online Tours And Travels Management System v1.0 was discovered to cont ...)
-	TODO: check
+	NOT-FOR-US: Online Tours And Travels Management System
 CVE-2022-35420
 	RESERVED
 CVE-2022-35419
@@ -5127,7 +5127,7 @@ CVE-2022-35219
 CVE-2022-35218
 	RESERVED
 CVE-2022-35217 (The NHI card’s web service component has a stack-based buffer ov ...)
-	TODO: check
+	NOT-FOR-US: NHI card
 CVE-2022-35216
 	RESERVED
 CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access]
@@ -5367,7 +5367,7 @@ CVE-2022-35120
 CVE-2022-35119
 	RESERVED
 CVE-2022-35118 (PyroCMS v3.9 was discovered to contain multiple cross-site scripting ( ...)
-	TODO: check
+	NOT-FOR-US: PyroCMS
 CVE-2022-35117
 	RESERVED
 CVE-2022-35116
@@ -5691,29 +5691,29 @@ CVE-2022-34958
 CVE-2022-34957
 	RESERVED
 CVE-2022-34956 (Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection  ...)
-	TODO: check
+	NOT-FOR-US: Pligg CMS
 CVE-2022-34955 (Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection  ...)
-	TODO: check
+	NOT-FOR-US: Pligg CMS
 CVE-2022-34954 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34953 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34952 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34951 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34950 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34949 (Pharmacy Management System v1.0 was discovered to contain multiple SQL ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34948 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34947 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34946 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34945 (Pharmacy Management System v1.0 was discovered to contain a SQL inject ...)
-	TODO: check
+	NOT-FOR-US: Pharmacy Management System
 CVE-2022-34944
 	RESERVED
 CVE-2022-34943



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/472bbb5e50ffbf02a0d385e1ca82d48b0e230c2c
