[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 4 10:04:25 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c75243e by Salvatore Bonaccorso at 2023-08-04T11:03:56+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,55 +7,55 @@ CVE-2023-4140 (The WP Ultimate CSV Importer plugin for WordPress is vulnerable t
 CVE-2023-4139 (The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sen ...)
 	NOT-FOR-US: WP Ultimate CSV Importer plugin for WordPress
 CVE-2023-3373 (Predictable Exact Value from Previous Values vulnerability in Mitsubis ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2023-39343 (Sulu is an open-source PHP content management system based on the Symf ...)
 	TODO: check
 CVE-2023-38991 (An issue in the delete function in the ActModelController class of jee ...)
-	TODO: check
+	NOT-FOR-US: jeesite
 CVE-2023-38952 (Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38951 (A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attacke ...)
-	TODO: check
+	NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38950 (A path traversal vulnerability in the iclock API of ZKTeco BioTime v8. ...)
-	TODO: check
+	NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38949 (An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticat ...)
-	TODO: check
+	NOT-FOR-US: ZKTeco BioTime
 CVE-2023-38941 (django-sspanel v2022.2.2 was discovered to contain a remote command ex ...)
 	TODO: check
 CVE-2023-38708 (Pimcore is an Open Source Data & Experience Management Platform: PIM,  ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2023-37501 (A Persistent XSS vulnerability can be carried out in a certain field o ...)
-	TODO: check
+	NOT-FOR-US: Unica Campaign
 CVE-2023-37500 (A Persistent Cross-site Scripting (XSS) vulnerability can be carried o ...)
-	TODO: check
+	NOT-FOR-US: Unica Platform
 CVE-2023-37499 (A Persistent Cross-site Scripting (XSS) vulnerability can be carried o ...)
-	TODO: check
+	NOT-FOR-US: Unica Platform
 CVE-2023-37498 (A user is capable of assigning him/herself to arbitrary groups by reus ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-37497 (The Unica application exposes an API which accepts arbitrary XML input ...)
-	TODO: check
+	NOT-FOR-US: Unica application
 CVE-2023-36159 (Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Fo ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Lost and Found Information System
 CVE-2023-36158 (Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Ma ...)
-	TODO: check
+	NOT-FOR-US: sourcecodester Toll Tax Management System
 CVE-2023-36141 (User enumeration is found in in PHPJabbers Cleaning Business Software  ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36139 (In PHPJabbers Cleaning Business Software 1.0, lack of verification whe ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36138 (PHPJabbers Cleaning Business Software 1.0 is vulnerable to Cross Site  ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36137 (There is a Cross Site Scripting (XSS) vulnerability in the "theme" par ...)
 	TODO: check
 CVE-2023-36135 (User enumeration is found in in PHPJabbers Class Scheduling System v1. ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36134 (In PHP Jabbers Class Scheduling System 1.0, lack of verification when  ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36133 (PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Acc ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36132 (PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorre ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-36131 (PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrec ...)
-	TODO: check
+	NOT-FOR-US: PHPJabbers
 CVE-2023-33665 (ai-dev aitable before v0.2.2 was discovered to contain a SQL injection ...)
 	TODO: check
 CVE-2023-38497 [Cargo does not respect umask when extracting packages]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c75243ebb0af58ef9e32dc2db922335480b571f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c75243ebb0af58ef9e32dc2db922335480b571f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230804/3411a480/attachment.htm>

More information about the debian-security-tracker-commits mailing list