[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Mar 15 08:37:20 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
50052ec2 by Salvatore Bonaccorso at 2022-03-15T09:36:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -554,7 +554,7 @@ CVE-2022-0947
 CVE-2022-0946 (Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc ...)
 	NOT-FOR-US: ShowDoc
 CVE-2022-0945 (Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHu ...)
-	TODO: check
+	NOT-FOR-US: ShowDoc
 CVE-2022-0944 (Template injection in connection test endpoint leads to RCE in GitHub  ...)
 	TODO: check
 CVE-2022-0943 (Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim  ...)
@@ -6418,7 +6418,7 @@ CVE-2022-24751
 CVE-2022-24750 (UltraVNC is a free and open source remote pc access software. A vulner ...)
 	NOT-FOR-US: UltraVNC
 CVE-2022-24749 (Sylius is an open source eCommerce platform. In versions prior to 1.9. ...)
-	TODO: check
+	NOT-FOR-US: Sylius
 CVE-2022-24748 (Shopware is an open commerce platform based on the Symfony php Framewo ...)
 	NOT-FOR-US: Shopware
 CVE-2022-24747 (Shopware is an open commerce platform based on the Symfony php Framewo ...)
@@ -6430,13 +6430,13 @@ CVE-2022-24745 (Shopware is an open commerce platform based on the Symfony php F
 CVE-2022-24744 (Shopware is an open commerce platform based on the Symfony php Framewo ...)
 	NOT-FOR-US: Shopware
 CVE-2022-24743 (Sylius is an open source eCommerce platform. Prior to versions 1.10.11 ...)
-	TODO: check
+	NOT-FOR-US: Sylius
 CVE-2022-24742 (Sylius is an open source eCommerce platform. Prior to versions 1.9.10, ...)
-	TODO: check
+	NOT-FOR-US: Sylius
 CVE-2022-24741 (Nextcloud server is an open source, self hosted cloud style services p ...)
 	- nextcloud-server <itp> (bug #941708)
 CVE-2022-24740 (Volto is a ReactJS-based frontend for the Plone Content Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Volto
 CVE-2022-24739 (alltube is an html front end for youtube-dl. On releases prior to 3.0. ...)
 	NOT-FOR-US: alltube
 CVE-2022-24738 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. ...)
@@ -55352,7 +55352,7 @@ CVE-2021-32011
 CVE-2021-32010
 	RESERVED
 CVE-2021-32009 (Cross-site Scripting (XSS) vulnerability in firmware section of Secome ...)
-	TODO: check
+	NOT-FOR-US: Secomea GateManager
 CVE-2021-32008 (This issue affects: Secomea GateManager Version 9.6.621421014 and all  ...)
 	NOT-FOR-US: Secomea GateManager
 CVE-2021-32007



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50052ec25582bfbc4635f70e3aad2db111c2ad1e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50052ec25582bfbc4635f70e3aad2db111c2ad1e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220315/e737ea78/attachment-0001.htm>
