[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Mar 30 11:42:40 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
641692ca by Salvatore Bonaccorso at 2022-03-30T12:42:19+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1067,9 +1067,9 @@ CVE-2022-27818
 CVE-2022-27817
 	RESERVED
 CVE-2022-27816 (SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be da ...)
-	TODO: check
+	NOT-FOR-US: SWHKD
 CVE-2022-27815 (SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an ...)
-	TODO: check
+	NOT-FOR-US: SWHKD
 CVE-2022-27814
 	RESERVED
 CVE-2022-27813
@@ -1903,7 +1903,7 @@ CVE-2022-27434
 CVE-2022-27433
 	RESERVED
 CVE-2022-27432 (A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attack ...)
-	TODO: check
+	NOT-FOR-US: Pluck CMS
 CVE-2022-27431
 	RESERVED
 CVE-2022-27430
@@ -2279,7 +2279,7 @@ CVE-2022-1034 (There is a Unrestricted Upload of File vulnerability in ShowDoc v
 CVE-2022-1033 (Unrestricted Upload of File with Dangerous Type in GitHub repository c ...)
 	NOT-FOR-US: Crater
 CVE-2022-1032 (Insecure deserialization of not validated module file in GitHub reposi ...)
-	TODO: check
+	NOT-FOR-US: Crater
 CVE-2022-1031 (Use After Free in op_is_set_bp in GitHub repository radareorg/radare2  ...)
 	- radare2 <unfixed>
 	NOTE: https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457
@@ -3256,15 +3256,15 @@ CVE-2022-26953
 CVE-2022-26952
 	RESERVED
 CVE-2022-26951 (Archer 6.x through 6.10 (6.10.0.0) contains a reflected XSS vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2022-26950 (Archer 6.x through 6.9 P2 (6.9.0.2) is affected by an open redirect vu ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2022-26949 (Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access co ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2022-26948 (The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1. ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2022-26947 (Archer 6.x through 6.9 SP3 (6.9.3.0) contains a reflected XSS vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2022-0936
 	RESERVED
 CVE-2022-26946



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/641692caad3e5be327fc9c978ebbed779eedcccc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/641692caad3e5be327fc9c978ebbed779eedcccc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220330/6549b516/attachment.htm>
