[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Mon May 16 10:03:57 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
94577c59 by Neil Williams at 2022-05-16T10:03:26+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10108,7 +10108,7 @@ CVE-2022-27249 (An unrestricted file upload vulnerability in IdeaRE RefTree befo
CVE-2022-27248 (A directory traversal vulnerability in IdeaRE RefTree before 2021.09.1 ...)
NOT-FOR-US: IdeaRE RefTree
CVE-2022-27247 (onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an att ...)
- TODO: check
+ NOT-FOR-US: cdSoft Winhotel.MX
CVE-2022-27246 (An issue was discovered in MISP before 2.4.156. An SVG org logo (which ...)
NOT-FOR-US: MISP
CVE-2022-27245 (An issue was discovered in MISP before 2.4.156. app/Model/Server.php d ...)
@@ -13792,11 +13792,11 @@ CVE-2022-25867
CVE-2022-25866 (The package czproject/git-php before 4.0.3 are vulnerable to Command I ...)
NOT-FOR-US: git-php
CVE-2022-25865 (The package workspace-tools before 0.18.4 are vulnerable to Command In ...)
- TODO: check
+ NOT-FOR-US: microsoft/workspace-tools
CVE-2022-25863
RESERVED
CVE-2022-25862 (This affects the package sds from 0.0.0. The library could be tricked ...)
- TODO: check
+ NOT-FOR-US: Node sds
CVE-2022-25861
RESERVED
CVE-2022-25860
@@ -14752,7 +14752,7 @@ CVE-2022-25593
CVE-2022-25592
RESERVED
CVE-2022-25591 (BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file de ...)
- TODO: check
+ NOT-FOR-US: BlogEngine.NET
CVE-2022-25590 (SurveyKing v0.2.0 was discovered to retain users' session cookies afte ...)
NOT-FOR-US: SurveyKing
CVE-2022-25589
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94577c59f7702d64e7ccf9007dcb44fe3dcb47b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94577c59f7702d64e7ccf9007dcb44fe3dcb47b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220516/d95d5200/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list