[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Jun 8 21:48:28 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee120f8b by Salvatore Bonaccorso at 2022-06-08T22:48:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -111,9 +111,9 @@ CVE-2022-2017 (A vulnerability was found in SourceCodester Prison Management Sys
 CVE-2022-2016 (Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/ ...)
 	NOT-FOR-US: neorazorx/facturascripts
 CVE-2022-2015 (Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio ...)
-	TODO: check
+	NOT-FOR-US: jgraph/drawio
 CVE-2022-2014 (Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. ...)
-	TODO: check
+	NOT-FOR-US: jgraph/drawio
 CVE-2022-32530
 	RESERVED
 CVE-2022-32529
@@ -803,9 +803,9 @@ CVE-2022-29465
 CVE-2022-25958
 	RESERVED
 CVE-2022-1993 (Path Traversal in GitHub repository gogs/gogs prior to 0.12.9. ...)
-	TODO: check
+	NOT-FOR-US: Go Git Service
 CVE-2022-1992 (Path Traversal in GitHub repository gogs/gogs prior to 0.12.9. ...)
-	TODO: check
+	NOT-FOR-US: Go Git Service
 CVE-2022-1991 (A vulnerability classified as problematic has been found in Fast Food  ...)
 	NOT-FOR-US: Fast Food Ordering System
 CVE-2022-1990
@@ -3049,7 +3049,7 @@ CVE-2022-31499
 CVE-2022-31498 (LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialo ...)
 	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31497 (LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigat ...)
-	TODO: check
+	NOT-FOR-US: LibreHealth EHR Base
 CVE-2022-31496
 	RESERVED
 CVE-2022-31495 (LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page ...)
@@ -3389,7 +3389,7 @@ CVE-2022-31327 (Online Ordering System By janobe 2.3.2 is vulneranle to SQL Inje
 CVE-2022-31326
 	RESERVED
 CVE-2022-31325 (There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'Per ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2022-31324
 	RESERVED
 CVE-2022-31323
@@ -4080,7 +4080,7 @@ CVE-2022-31040
 CVE-2022-31039
 	RESERVED
 CVE-2022-31038 (Gogs is an open source self-hosted Git service. In versions of gogs pr ...)
-	TODO: check
+	NOT-FOR-US: Go Git Service
 CVE-2022-31037
 	RESERVED
 CVE-2022-31036



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee120f8b2c61323f7e95ed9c89d6617cc7e4ef73

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee120f8b2c61323f7e95ed9c89d6617cc7e4ef73
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220608/3d8f2a85/attachment-0001.htm>
