[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9537cd2 by Salvatore Bonaccorso at 2023-08-17T10:25:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2023-4395 (Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/co ...)
 	TODO: check
 CVE-2023-4392 (A vulnerability was found in Control iD Gerencia Web 1.30 and classifi ...)
-	TODO: check
+	NOT-FOR-US: Control iD Gerencia Web
 CVE-2023-40281 (EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: EC-CUBE
 CVE-2023-40252 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	TODO: check
 CVE-2023-40251 (Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Ge ...)
@@ -15,33 +15,33 @@ CVE-2023-40033 (Flarum is an open source forum software. Flarum is affected by a
 CVE-2023-40021 (Oppia is an online learning platform. When comparing a received CSRF t ...)
 	TODO: check
 CVE-2023-3244 (The Comments Like Dislike plugin for WordPress is vulnerable to unauth ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39846 (An issue in Konga v0.14.9 allows attackers to bypass authentication vi ...)
 	TODO: check
 CVE-2023-38894 (A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before all ...)
 	TODO: check
 CVE-2023-35893 (IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-35011 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to serve ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-35009 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-34217 (TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series f ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-34216 (TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series f ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-34215 (TN-5900 Series firmware versions v3.3 and prior are vulnerable to the  ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-34214 (TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series f ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-34213 (TN-5900 Series firmware versions v3.3 and prior are vulnerable to comm ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-33239 (TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series f ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-33238 (TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series f ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-33237 (TN-5900 Series firmware version v3.3 and prior is vulnerable to improp ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-4389 (A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the bt ...)
 	- linux 5.17.6-1
 	[bullseye] - linux 5.10.113-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9537cd266d5ae038a00cc093397c6eb38686eeb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9537cd266d5ae038a00cc093397c6eb38686eeb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230817/6fa26a5a/attachment.htm>