[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Aug 2 21:22:55 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
215f1b26 by Salvatore Bonaccorso at 2023-08-02T22:22:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2023-4067 (The Bus Ticket Booking with Seat Reservation plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: Bus Ticket Booking with Seat Reservation plugin for WordPress
 CVE-2023-3978 (Text nodes not in the HTML namespace are incorrectly literally rendere ...)
 	TODO: check
 CVE-2023-3470 (Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generat ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-3426 (The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, ...)
 	TODO: check
 CVE-2023-38423 (A cross-site scripting (XSS) vulnerability exists in an undisclosed pa ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-38419 (An authenticated attacker with guest privileges or higher can cause th ...)
 	TODO: check
 CVE-2023-38418 (The BIG-IP Edge Client Installer on macOS does not follow best practic ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-38330 (OXID eShop Enterprise Edition 6.5.0 \u2013 6.5.2 before 6.5.3 allows u ...)
 	TODO: check
 CVE-2023-38138 (A reflected cross-site scripting (XSS) vulnerability exists in an undi ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-36858 (An insufficient verification of data vulnerability exists in BIG-IP Ed ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-36494 (Audit logs on F5OS-A may contain undisclosed sensitive information. No ...)
 	TODO: check
 CVE-2023-36081 (Cross Site Scripting vulnerability in GatesAIr Flexiva FM Transmitter/ ...)
@@ -33789,7 +33789,7 @@ CVE-2023-23478
 CVE-2023-23477 (IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a ...)
 	NOT-FOR-US: IBM
 CVE-2023-23476 (IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnera ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-23475 (IBM Infosphere Information Server 11.7 is vulnerable to cross-site scr ...)
 	NOT-FOR-US: IBM
 CVE-2023-23474
@@ -63760,7 +63760,7 @@ CVE-2022-40611
 CVE-2022-40610
 	RESERVED
 CVE-2022-40609 (IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a re ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-40608 (IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File System ...)
 	NOT-FOR-US: IBM
 CVE-2022-40607 (IBM Spectrum Scale 5.1 could allow users with permissions to create po ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/215f1b26b54c34db67c8c2876d42640ac34429b2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/215f1b26b54c34db67c8c2876d42640ac34429b2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230802/53056154/attachment.htm>
