[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 30 09:45:41 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b40ce1d0 by Salvatore Bonaccorso at 2023-08-30T10:45:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,25 +13,25 @@ CVE-2023-4525
 CVE-2023-4522 (An issue has been discovered in GitLab affecting all versions starting ...)
 	TODO: check
 CVE-2023-4296 (If an attacker tricks an admin user of PTC Codebeamer into clicking on ...)
-	TODO: check
+	NOT-FOR-US: PTC Codebeamer
 CVE-2023-41269
 	REJECTED
 CVE-2023-41266 (A path traversal vulnerability found in Qlik Sense Enterprise for Wind ...)
-	TODO: check
+	NOT-FOR-US: Qlik
 CVE-2023-41265 (An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise ...)
-	TODO: check
+	NOT-FOR-US: Qlik
 CVE-2023-41153 (A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configura ...)
 	TODO: check
 CVE-2023-39559 (AudimexEE 15.0 was discovered to contain a full path disclosure vulner ...)
-	TODO: check
+	NOT-FOR-US: AudimexEE
 CVE-2023-39558 (AudimexEE v15.0 was discovered to contain multiple reflected cross-sit ...)
-	TODO: check
+	NOT-FOR-US: AudimexEE
 CVE-2023-38975 (* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote atta ...)
 	TODO: check
 CVE-2023-38971 (Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allo ...)
-	TODO: check
+	NOT-FOR-US: Badaso
 CVE-2023-32241 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDevelo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4611 (A use-after-free flaw was found in mm/mempolicy.c in the memory manage ...)
 	- linux 6.4.11-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -43,7 +43,7 @@ CVE-2023-4481
 CVE-2023-4572 (Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 ...)
 	TODO: check
 CVE-2023-4346 (KNX devices that use KNX Connection Authorization and support Option 1 ...)
-	TODO: check
+	NOT-FOR-US: KNX devices
 CVE-2023-41376 (Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when ...)
 	NOT-FOR-US: Nokia Service Router Operating System (SR OS) and SR Linux
 CVE-2023-41362 (MyBB before 1.8.36 allows Code Injection by users with certain high pr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b40ce1d0ece93f3ce70a3afb8476ec1922cab735

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b40ce1d0ece93f3ce70a3afb8476ec1922cab735
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230830/7b823921/attachment.htm>

More information about the debian-security-tracker-commits mailing list