[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 2 21:30:27 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c5719971 by Salvatore Bonaccorso at 2022-08-02T22:29:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -91,7 +91,7 @@ CVE-2022-2633
 CVE-2022-2632
 	RESERVED
 CVE-2022-2631 (Improper Access Control in GitHub repository tooljet/tooljet prior to  ...)
-	TODO: check
+	NOT-FOR-US: ToolJet
 CVE-2022-2630
 	RESERVED
 CVE-2022-2629
@@ -5223,11 +5223,11 @@ CVE-2022-35224 (SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7
 CVE-2022-35223 (EasyUse MailHunter Ultimate’s cookie deserialization function ha ...)
 	TODO: check
 CVE-2022-35222 (HiCOS Citizen verification component has a stack-based buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: HiCOS Citizen verification component
 CVE-2022-35221 (Teamplus Pro community discussion has an ‘allocation of resource ...)
-	TODO: check
+	NOT-FOR-US: Teamplus Pro community discussion
 CVE-2022-35220 (Teamplus Pro community discussion function has an ‘allocation of ...)
-	TODO: check
+	NOT-FOR-US: Teamplus Pro community discussion
 CVE-2022-35219 (The NHI card’s web service component has a stack-based buffer ov ...)
 	TODO: check
 CVE-2022-35218 (The NHI card’s web service component has a heap-based buffer ove ...)
@@ -15920,19 +15920,19 @@ CVE-2022-31186 (NextAuth.js is a complete open source authentication solution fo
 CVE-2022-31185 (mprweb is a hosting platform for the makedeb Package Repository. Email ...)
 	TODO: check
 CVE-2022-31184 (Discourse is the an open source discussion platform. In affected versi ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2022-31183 (fs2 is a compositional, streaming I/O library for Scala. When establis ...)
 	TODO: check
 CVE-2022-31182 (Discourse is the an open source discussion platform. In affected versi ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2022-31181 (PrestaShop is an Open Source e-commerce platform. In versions from 1.6 ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2022-31180 (Shescape is a simple shell escape package for JavaScript. Affected ver ...)
 	NOT-FOR-US: Node shescape
 CVE-2022-31179 (Shescape is a simple shell escape package for JavaScript. Versions pri ...)
 	NOT-FOR-US: Node shescape
 CVE-2022-31178 (eLabFTW is an electronic lab notebook manager for research teams. A vu ...)
-	TODO: check
+	NOT-FOR-US: eLabFTW
 CVE-2022-31177 (Flask-AppBuilder is an application development framework built on top  ...)
 	TODO: check
 CVE-2022-31176



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5719971d5eb58c7ee225ac56745de2956e26fbe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5719971d5eb58c7ee225ac56745de2956e26fbe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220802/8aedc181/attachment.htm>

More information about the debian-security-tracker-commits mailing list