[Git][security-tracker-team/security-tracker][master] Process some NFUs & pistache ITP

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f8a8e4ad by Neil Williams at 2022-05-06T15:13:22+01:00
Process some NFUs & pistache ITP

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8188,7 +8188,7 @@ CVE-2022-27362
 CVE-2022-27361
 	RESERVED
 CVE-2022-27360 (SpringBlade v3.2.0 and below was discovered to contain a SQL injection ...)
-	TODO: check
+	NOT-FOR-US: SpringBlade
 CVE-2022-27359 (Foxit PDF Reader v11.2.1.53537 was discovered to contain a NULL pointe ...)
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2022-27358
@@ -11875,7 +11875,7 @@ CVE-2022-0759 (A flaw was found in all versions of kubeclient up to (but not inc
 CVE-2022-26085
 	RESERVED
 CVE-2022-26068 (This affects the package pistacheio/pistache before 0.0.3.20220425. It ...)
-	TODO: check
+	- pistache <itp> (bug #929593)
 CVE-2022-26066
 	RESERVED
 CVE-2022-26063
@@ -12153,7 +12153,7 @@ CVE-2022-25856
 CVE-2022-25855
 	RESERVED
 CVE-2022-25854 (This affects the package @yaireo/tagify before 4.9.8. The package is u ...)
-	TODO: check
+	NOT-FOR-US: Tagify
 CVE-2022-25853
 	RESERVED
 CVE-2022-25852
@@ -12161,7 +12161,7 @@ CVE-2022-25852
 CVE-2022-25851
 	RESERVED
 CVE-2022-25850 (The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnera ...)
-	TODO: check
+	NOT-FOR-US: hoppscotch proxyscotch
 CVE-2022-25849
 	RESERVED
 CVE-2022-25848
@@ -12178,7 +12178,7 @@ CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expres
 CVE-2022-25843
 	RESERVED
 CVE-2022-25842 (All versions of package com.alibaba.oneagent:one-java-agent-plugin are ...)
-	TODO: check
+	NOT-FOR-US: alibaba one-java-agent
 CVE-2022-25840
 	RESERVED
 CVE-2022-25839 (The package url-js before 2.1.0 are vulnerable to Improper Input Valid ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8a8e4ad3cefe2cc8979449912f052a8234303fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8a8e4ad3cefe2cc8979449912f052a8234303fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220506/3d2c3f59/attachment.htm>