[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 14 20:35:53 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc8c5434 by Salvatore Bonaccorso at 2023-08-14T21:35:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1363,13 +1363,13 @@ CVE-2023-38695 (cypress-image-snapshot shows visual regressions in Cypress with
 CVE-2023-38692 (CloudExplorer Lite is an open source, lightweight cloud management pla ...)
 	NOT-FOR-US: CloudExplorer Lite
 CVE-2023-38691 (matrix-appservice-bridge provides an API for setting up bridges. Start ...)
-	TODO: check
+	NOT-FOR-US: matrix-appservice-bridge
 CVE-2023-38690 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to ver ...)
-	TODO: check
+	NOT-FOR-US: matrix-appservice-irc
 CVE-2023-38689 (Logistics Pipes is a modification (a.k.a. mod) for the computer game M ...)
 	TODO: check
 CVE-2023-38688 (twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, ...)
-	TODO: check
+	NOT-FOR-US: twitch-tui
 CVE-2023-38686 (Sydent is an identity server for the Matrix communications protocol. P ...)
 	- matrix-sydent <unfixed> (bug #1043162)
 	NOTE: https://github.com/matrix-org/sydent/pull/574
@@ -32719,11 +32719,11 @@ CVE-2023-24482 (A vulnerability has been identified in COMOS V10.2 (All versions
 CVE-2023-24477 (In certain conditions, depending on timing and the usage of the Chrome ...)
 	NOT-FOR-US: Guardian/CMC
 CVE-2023-24471 (An access control vulnerability was found, due to the restrictions tha ...)
-	TODO: check
+	NOT-FOR-US: Nozomi Networks
 CVE-2023-24015 (A partial DoS vulnerability has been detected in the Reports section,  ...)
-	TODO: check
+	NOT-FOR-US: Nozomi Networks
 CVE-2023-23903 (An authenticated administrator can upload a SAML configuration file wi ...)
-	TODO: check
+	NOT-FOR-US: Nozomi Networks
 CVE-2023-23574 (A blind SQL Injection vulnerability in Nozomi Networks Guardian and CM ...)
 	NOT-FOR-US: Nozomi Networks Guardian and CMC
 CVE-2023-22843 (An authenticated attacker with administrative access to the appliance  ...)
@@ -36342,7 +36342,7 @@ CVE-2023-23210
 CVE-2023-23209
 	RESERVED
 CVE-2023-23208 (Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: Genesys Administrator Extension (GAX)
 CVE-2023-23207
 	RESERVED
 CVE-2023-23206
@@ -173482,9 +173482,9 @@ CVE-2021-27526 (A cross-site scripting (XSS) vulnerability in DynPG version 4.9.
 CVE-2021-27525
 	RESERVED
 CVE-2021-27524 (Cross Site Scripting (XSS) vulnerability in margox braft-editor versio ...)
-	TODO: check
+	NOT-FOR-US: margox braft-editor
 CVE-2021-27523 (An issue was discovered in open-falcon dashboard version 0.2.0, allows ...)
-	TODO: check
+	NOT-FOR-US: open-falcon dashboard
 CVE-2021-27522 (Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability ...)
 	NOT-FOR-US: Learnsite
 CVE-2021-27521
@@ -176000,7 +176000,7 @@ CVE-2021-26506
 CVE-2021-26505 (Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, ...)
 	NOT-FOR-US: MrSwitch hello.js
 CVE-2021-26504 (Directory Traversal vulnerability in Foddy node-red-contrib-huemagic v ...)
-	TODO: check
+	NOT-FOR-US: Foddy node-red-contrib-huemagic
 CVE-2021-26503
 	RESERVED
 CVE-2021-26502
@@ -205523,7 +205523,7 @@ CVE-2020-27516
 CVE-2020-27515 (A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows ...)
 	NOT-FOR-US: Savsoft Quiz
 CVE-2020-27514 (Directory Traversal vulnerability in delete function in admin.api.Temp ...)
-	TODO: check
+	NOT-FOR-US: ZrLog
 CVE-2020-27513
 	RESERVED
 CVE-2020-27512



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc8c543405805de02faf2ea4b6ad2ca93fe3d4ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc8c543405805de02faf2ea4b6ad2ca93fe3d4ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230814/a7c5a5f7/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list