[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 25 21:27:14 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed2bf0f3 by Salvatore Bonaccorso at 2023-08-25T22:26:38+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2023-4534 (A vulnerability, which was classified as problematic, was found in Neo ...)
-	TODO: check
+	NOT-FOR-US: NeoMind Fusion Platform
 CVE-2023-4520 (The FV Flowplayer Video Player plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
 CVE-2023-4508 (A user able to control file input to Gerbv, between versions 2.4.0 and ...)
 	TODO: check
 CVE-2023-4478 (Mattermost fails to restrict which parameters' values it takes from th ...)
 	TODO: check
 CVE-2023-41250 (In JetBrains TeamCity before 2023.05.3 reflected XSS was possible duri ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-41249 (In JetBrains TeamCity before 2023.05.3 reflected XSS was possible duri ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-41248 (In JetBrains TeamCity before 2023.05.3 stored XSS was possible during  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-41173 (AdGuard DNS before 2.2 allows remote attackers to cause a denial of se ...)
 	TODO: check
 CVE-2023-41167 (@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by c ...)
 	TODO: check
 CVE-2023-40915 (Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detec ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40802 (The get_parentControl_list_Info function does not verify the parameter ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40801 (The sub_451784 function does not validate the parameters entered by th ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40800 (The compare_parentcontrol_time function does not authenticate user inp ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40799 (Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_4 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40798 (In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanPar ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40797 (In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not valida ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-40796 (Phicomm k2 v22.6.529.216 is vulnerable to command injection.)
 	TODO: check
 CVE-2023-40599 (Regular expression Denial-of-Service (ReDoS) exists in multiple add-on ...)
-	TODO: check
+	NOT-FOR-US: multiple addons for Mailform Pro CGI
 CVE-2023-40580 (Freighter is a Stellar chrome extension. It may be possible for a mali ...)
 	TODO: check
 CVE-2023-40579 (OpenFGA is an authorization/permission engine built for developers and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2bf0f3f28c3d75dbfb727d1d83cb8965e1fb73

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2bf0f3f28c3d75dbfb727d1d83cb8965e1fb73
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230825/ad4eba69/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list