[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 17 06:11:26 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4125af8 by Salvatore Bonaccorso at 2022-05-17T07:10:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -140,7 +140,7 @@ CVE-2022-1730
 CVE-2022-1729
 	RESERVED
 CVE-2022-1728 (Allowing long password leads to denial of service in polonel/trudesk i ...)
-	TODO: check
+	NOT-FOR-US: Trudesk
 CVE-2022-1727
 	RESERVED
 CVE-2022-1726 (Bootstrap Tables XSS vulnerability with Table Export plug-in when expo ...)
@@ -152,15 +152,15 @@ CVE-2022-1724
 CVE-2022-1723
 	RESERVED
 CVE-2022-1722 (SSRF in editor's proxy via IPv6 link-local address in GitHub repositor ...)
-	TODO: check
+	NOT-FOR-US: jgraph/drawio
 CVE-2022-1721 (Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio  ...)
-	TODO: check
+	NOT-FOR-US: jgraph/drawio
 CVE-2022-1720 (Buffer Over-read in function grab_file_name in GitHub repository vim/v ...)
 	TODO: check
 CVE-2022-1719 (Reflected XSS on ticket filter function in GitHub repository polonel/t ...)
-	TODO: check
+	NOT-FOR-US: Trudesk
 CVE-2022-1718 (The trudesk application allows large characters to insert in the input ...)
-	TODO: check
+	NOT-FOR-US: Trudesk
 CVE-2022-30936
 	RESERVED
 CVE-2022-30935
@@ -466,7 +466,7 @@ CVE-2022-30784
 CVE-2022-30783
 	RESERVED
 CVE-2022-30782 (Openmoney API through 2020-06-29 uses the JavaScript Math.random funct ...)
-	TODO: check
+	NOT-FOR-US: Openmoney
 CVE-2022-30781 (Gitea before 1.16.7 does not escape git fetch remote. ...)
 	- gitea <removed>
 CVE-2022-30780



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4125af89c3ca0539066745bf92496d7b32061cb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4125af89c3ca0539066745bf92496d7b32061cb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220517/1cd86a3c/attachment.htm>

More information about the debian-security-tracker-commits mailing list