[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 12 08:40:45 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d7e68782 by Salvatore Bonaccorso at 2023-12-12T09:40:17+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
CVE-2023-6709 (Improper Neutralization of Special Elements Used in a Template Engine ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-6542 (Due to lack of proper authorization checks in Emarsys SDK for Android, ...)
- TODO: check
+ NOT-FOR-US: Emarsys SDK for Android
CVE-2023-5536 (A feature in LXD (LP#1829071), affects the default configuration of Ub ...)
TODO: check
CVE-2023-50424 (SAPBTPSecurity Services Integration Library ([Golang] github.com/sap/c ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-50423 (SAPBTPSecurity Services Integration Library ([Python]sap-xssec) - vers ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-50422 (SAPBTPSecurity Services Integration Library ([Java] cloud-security-ser ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-50245 (OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata pr ...)
TODO: check
CVE-2023-49805 (Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Uptime Kuma
CVE-2023-49804 (Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Uptime Kuma
CVE-2023-49803 (@koa/cors npm provides Cross-Origin Resource Sharing (CORS) for koa, a ...)
TODO: check
CVE-2023-49802 (The LinkedCustomFields plugin for MantisBT allows users to link values ...)
- TODO: check
+ NOT-FOR-US: LinkedCustomFields plugin for MantisBT
CVE-2023-49796 (MindsDB connects artificial intelligence models to real time data. Ver ...)
- TODO: check
+ NOT-FOR-US: MindsDB
CVE-2023-49587 (SAP Solution Manager - version 720, allows an authorized attacker to e ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49584 (SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49583 (SAPBTPSecurity Services Integration Library ([Node.js] @sap/xssec - ve ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49581 (SAP GUI for WindowsandSAP GUI for Javaallow an unauthenticated attacke ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49580 (SAP GUI for WindowsandSAP GUI for Java - versions SAP_BASIS 755, SAP_B ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49578 (SAP Cloud Connector - version 2.0, allows an authenticated user with l ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49577 (The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100, SAP_HRCIE 6 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-49494 (DedeCMS v5.7.111 was discovered to contain a reflective cross-site scr ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2023-49490 (XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scr ...)
- TODO: check
+ NOT-FOR-US: XunRuiCMS
CVE-2023-49488 (A cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1 al ...)
- TODO: check
+ NOT-FOR-US: Openfiler ESA
CVE-2023-49058 (SAP Master Data Governance File Upload applicationallows an attacker t ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-48642 (Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticate ...)
TODO: check
CVE-2023-48641 (Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecu ...)
@@ -244,7 +244,7 @@ CVE-2023-48425 (U-Boot vulnerability resulting in persistent Code Execution)
CVE-2023-48424 (U-Boot shell vulnerability resulting in Privilege escalation in a prod ...)
TODO: check
CVE-2023-48417 (Missing Permission checks resulting in unauthorized access and Manipul ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-6655 (A vulnerability, which was classified as critical, has been found in H ...)
NOT-FOR-US: Hongjing e-HR 2020
CVE-2023-6654 (A vulnerability classified as critical was found in PHPEMS 6.x/7.0. Af ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7e68782485a39f5778eee61fe40128487526f09
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7e68782485a39f5778eee61fe40128487526f09
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231212/8c44d846/attachment.htm>
More information about the debian-security-tracker-commits
mailing list