[Git][security-tracker-team/security-tracker][master] Make severity of CVE-2022-3704 unimportant with negligible/no security impact

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Mar 26 12:37:03 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f79de11 by Salvatore Bonaccorso at 2023-03-26T13:36:21+02:00
Make severity of CVE-2022-3704 unimportant with negligible/no security impact

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -36332,9 +36332,11 @@ CVE-2022-3705 (A vulnerability was found in vim and classified as problematic. A
 	NOTE: https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731 (v9.0.0805)
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-3704 (** DISPUTED ** A vulnerability classified as problematic has been foun ...)
-	- rails <unfixed> (bug #1024274)
+	- rails <unfixed> (bug #1024274; unimportant)
 	NOTE: https://github.com/rails/rails/commit/be177e4566747b73ff63fd5f529fab564e475ed4
 	NOTE: https://github.com/rails/rails/issues/46244
+	NOTE: https://github.com/rails/rails/issues/46244#issuecomment-1380875153
+	NOTE: Considered only a bug withouth security impact by the rails team
 CVE-2022-3703 (All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prio ...)
 	NOT-FOR-US: ETIC Telecom Remote Access Server (RAS)
 CVE-2022-3702



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f79de1166bdbe7452659eafc3e767fc41421d9a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f79de1166bdbe7452659eafc3e767fc41421d9a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230326/ab11329c/attachment.htm>


More information about the debian-security-tracker-commits mailing list