[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 2 21:25:46 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f82267a by Salvatore Bonaccorso at 2023-08-02T22:24:39+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,27 +5,27 @@ CVE-2023-3978 (Text nodes not in the HTML namespace are incorrectly literally re
 CVE-2023-3470 (Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generat ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2023-3426 (The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2023-38423 (A cross-site scripting (XSS) vulnerability exists in an undisclosed pa ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2023-38419 (An authenticated attacker with guest privileges or higher can cause th ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-38418 (The BIG-IP Edge Client Installer on macOS does not follow best practic ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2023-38330 (OXID eShop Enterprise Edition 6.5.0 \u2013 6.5.2 before 6.5.3 allows u ...)
-	TODO: check
+	NOT-FOR-US: OXID eShop Enterprise Edition
 CVE-2023-38138 (A reflected cross-site scripting (XSS) vulnerability exists in an undi ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2023-36858 (An insufficient verification of data vulnerability exists in BIG-IP Ed ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2023-36494 (Audit logs on F5OS-A may contain undisclosed sensitive information. No ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2023-36081 (Cross Site Scripting vulnerability in GatesAIr Flexiva FM Transmitter/ ...)
 	TODO: check
 CVE-2023-33383 (Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to  ...)
-	TODO: check
+	NOT-FOR-US: Shelly 4PM Pro four-channel smart switch
 CVE-2023-33257 (Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML  ...)
-	TODO: check
+	NOT-FOR-US: Verint Engagement Management
 CVE-2023-4016 (Under some circumstances, this weakness allows a user who has access t ...)
 	- procps <unfixed> (bug #1042887)
 	NOTE: https://gitlab.com/procps-ng/procps/-/issues/297



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f82267aaa8ddceb97e25edfe23f788e01eba730

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f82267aaa8ddceb97e25edfe23f788e01eba730
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230802/54c361b2/attachment.htm>


More information about the debian-security-tracker-commits mailing list