[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Apr 11 20:54:01 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eca34c3f by Salvatore Bonaccorso at 2023-04-11T21:53:32+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -58,7 +58,7 @@ CVE-2023-1964 (A vulnerability classified as critical has been found in PHPGuruk
 CVE-2023-1963 (A vulnerability was found in PHPGurukul Bank Locker Management System  ...)
 	NOT-FOR-US: PHPGurukul Bank Locker Management System
 CVE-2018-25084 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Ping Identity Self-Service Account Manager
 CVE-2023-30451
 	RESERVED
 CVE-2023-30450 (rpk in Redpanda before 23.1.2 mishandles the redpanda.rpc_server_tls f ...)
@@ -2586,9 +2586,9 @@ CVE-2023-29378
 CVE-2023-29377
 	RESERVED
 CVE-2023-29376 (An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647,  ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2023-29375 (An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647,  ...)
-	TODO: check
+	NOT-FOR-US: Progress Sitefinity
 CVE-2023-29374 (In LangChain through 0.0.131, the LLMMathChain chain allows prompt inj ...)
 	NOT-FOR-US: LangChain
 CVE-2023-29373
@@ -3083,7 +3083,7 @@ CVE-2023-29194
 CVE-2023-29193
 	RESERVED
 CVE-2023-29192 (SilverwareGames.io versions before 1.2.19 allow users with access to t ...)
-	TODO: check
+	NOT-FOR-US: SilverwareGames.io
 CVE-2023-29191
 	RESERVED
 CVE-2023-29190
@@ -3093,7 +3093,7 @@ CVE-2023-29189 (SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106,
 CVE-2023-29188
 	RESERVED
 CVE-2023-29187 (A Windows user with basic user authorization can exploit a DLL hijacki ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-29186 (In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an att ...)
 	NOT-FOR-US: SAP
 CVE-2023-29185 (SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, ...)
@@ -5962,9 +5962,9 @@ CVE-2019-25116
 CVE-2023-28342 (Zoho ManageEngine ADSelfService Plus before 6218 allows anyone to cond ...)
 	NOT-FOR-US: Zoho
 CVE-2023-28341 (Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine A ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2023-28340 (Zoho ManageEngine Applications Manager through 16320 allows the admin  ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2023-28339 (OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege es ...)
 	- doas <removed>
 	[bullseye] - doas <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eca34c3f9081f4bf92f4e321d1225577f7792ab5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eca34c3f9081f4bf92f4e321d1225577f7792ab5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230411/f504308e/attachment-0001.htm>
