[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Wed Feb 23 10:05:33 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5347dca7 by Neil Williams at 2022-02-23T10:05:01+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8865,7 +8865,7 @@ CVE-2022-22914 (An incorrect access control issue in the component FileManager o
 CVE-2022-22913
 	RESERVED
 CVE-2022-22912 (Prototype pollution vulnerability via .parse() in Plist before v3.0.4  ...)
-	TODO: check
+	NOT-FOR-US: Node Plist.js
 CVE-2022-22911
 	RESERVED
 CVE-2022-22910
@@ -18563,7 +18563,7 @@ CVE-2022-21687 (gh-ost is a triggerless online schema migration solution for MyS
 CVE-2022-21686 (PrestaShop is an Open Source e-commerce platform. Starting with versio ...)
 	NOT-FOR-US: PrestaShop
 CVE-2022-21685 (Frontier is Substrate's Ethereum compatibility layer. Prior to commit  ...)
-	TODO: check
+	NOT-FOR-US: Frontier
 CVE-2022-21684 (Discourse is an open source discussion platform. Versions prior to 2.7 ...)
 	NOT-FOR-US: Discourse
 CVE-2022-21683 (Wagtail is a Django based content management system focused on flexibi ...)
@@ -18609,7 +18609,7 @@ CVE-2022-21674
 CVE-2022-21673 (Grafana is an open-source platform for monitoring and observability. I ...)
 	- grafana <removed>
 CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI configuratio ...)
-	TODO: check
+	NOT-FOR-US: make-ca
 CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's container p ...)
 	NOT-FOR-US: crosis
 CVE-2022-21670 (markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...)
@@ -18701,7 +18701,7 @@ CVE-2022-21648 (Latte is an open source template engine for PHP. Versions since
 CVE-2022-21647 (CodeIgniter is an open source PHP full-stack web framework. Deserializ ...)
 	- codeigniter <itp> (bug #471583)
 CVE-2022-21646 (SpiceDB is a database system for managing security-critical applicatio ...)
-	TODO: check
+	NOT-FOR-US: Go SpiceDB
 CVE-2022-21645
 	RESERVED
 CVE-2022-21644 (USOC is an open source CMS with a focus on simplicity. In affected ver ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5347dca755353cb7d9a2f855a18250e614756137

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5347dca755353cb7d9a2f855a18250e614756137
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220223/7669ea7c/attachment.htm>

More information about the debian-security-tracker-commits mailing list