[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Aug 26 08:07:13 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
89f9542c by Salvatore Bonaccorso at 2023-08-26T09:06:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2023-41248 (In JetBrains TeamCity before 2023.05.3 stored XSS was possible d
 CVE-2023-41173 (AdGuard DNS before 2.2 allows remote attackers to cause a denial of se ...)
 	TODO: check
 CVE-2023-41167 (@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by c ...)
-	TODO: check
+	NOT-FOR-US: Webiny
 CVE-2023-40915 (Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detec ...)
 	NOT-FOR-US: Tenda
 CVE-2023-40802 (The get_parentControl_list_Info function does not verify the parameter ...)
@@ -44,11 +44,11 @@ CVE-2023-40579 (OpenFGA is an authorization/permission engine built for develope
 CVE-2023-40577 (Alertmanager handles alerts sent by client applications such as the Pr ...)
 	TODO: check
 CVE-2023-40570 (Datasette is an open source multi-tool for exploring and publishing da ...)
-	TODO: check
+	NOT-FOR-US: Datasette
 CVE-2023-40568
 	REJECTED
 CVE-2023-40530 (Improper authorization in handler for custom URL scheme issue in 'Skyl ...)
-	TODO: check
+	NOT-FOR-US: 'Skylark' App
 CVE-2023-40182 (Silverware Games is a premium social network where people can play gam ...)
 	NOT-FOR-US: Silverware Games
 CVE-2023-40179 (Silverware Games is a premium social network where people can play gam ...)
@@ -96,9 +96,9 @@ CVE-2023-37469 (CasaOS is an open-source personal cloud system. Prior to version
 CVE-2023-37249 (Infoblox NIOS through 8.5.1 has a faulty component that accepts malici ...)
 	NOT-FOR-US: Infoblox NIOS
 CVE-2023-36199 (An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacke ...)
-	TODO: check
+	NOT-FOR-US: skalenetwork sgxwallet
 CVE-2023-36198 (Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows ...)
-	TODO: check
+	NOT-FOR-US: skalenetwork sgxwallet
 CVE-2023-32797 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-32757 (e-Excellence U-Office Force file uploading function does not restrict  ...)
@@ -108,7 +108,7 @@ CVE-2023-32756 (e-Excellence U-Office Force has a path traversal vulnerability w
 CVE-2023-32755 (e-Excellence U-Office Force generates an error message in webiste serv ...)
 	NOT-FOR-US: e-Excellence U-Office Force
 CVE-2023-32678 (Zulip is an open-source team collaboration tool with topic-based threa ...)
-	TODO: check
+	NOT-FOR-US: Zulip
 CVE-2023-32603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao D ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-32598 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in A. R. Jo ...)
@@ -225004,7 +225004,7 @@ CVE-2020-19727
 CVE-2020-19726 (An issue was discovered in binutils libbfd.c 2.36 relating to the auxi ...)
 	TODO: check
 CVE-2020-19725 (There is a use-after-free vulnerability in file pdd_simplifier.cpp in  ...)
-	TODO: check
+	NOT-FOR-US: Z3Prover Z3
 CVE-2020-19724 (A memory consumption issue in get_data function in binutils/nm.c in GN ...)
 	TODO: check
 CVE-2020-19723



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89f9542c2592eade203c74717b2e141ec4a5e848

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89f9542c2592eade203c74717b2e141ec4a5e848
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230826/f3ae9756/attachment.htm>
