[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 13 20:42:04 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36bd9baa by Salvatore Bonaccorso at 2023-12-13T21:41:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,61 +43,61 @@ CVE-2023-6756 (A vulnerability was found in Thecosy IceCMS 2.0.1. It has been cl
 CVE-2023-6755 (A vulnerability was found in DedeBIZ 6.2 and classified as critical. T ...)
 	NOT-FOR-US: DedeBIZ
 CVE-2023-6723 (An unrestricted file upload vulnerability has been identified in Repbo ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6722 (A path traversal vulnerability has been detected in Repox, which allow ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6721 (An XEE vulnerability has been found in Repox, which allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6720 (An XSS vulnerability stored in Repox has been identified, which allows ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6719 (An XSS vulnerability has been detected in Repox, which allows an attac ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6718 (An authentication bypass vulnerability has been found in Repox, which  ...)
-	TODO: check
+	NOT-FOR-US: Repox
 CVE-2023-6660 (When a program running on an affected system appends data to a file vi ...)
 	TODO: check
 CVE-2023-6534 (In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2 ...)
 	TODO: check
 CVE-2023-6381 (Improper input validation vulnerability in Newsletter Software SuperMa ...)
-	TODO: check
+	NOT-FOR-US: Newsletter Software SuperMailer
 CVE-2023-6380 (Open redirect vulnerability has been found in the Open CMS product aff ...)
-	TODO: check
+	NOT-FOR-US: Open CMS
 CVE-2023-6379 (Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, ...)
-	TODO: check
+	NOT-FOR-US: Open CMS
 CVE-2023-50779 (Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 an ...)
-	TODO: check
+	NOT-FOR-US: Jenkins PaaSLane Estimate Plugin
 CVE-2023-50778 (A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins PaaSLane Estimate Plugin
 CVE-2023-50777 (Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSL ...)
-	TODO: check
+	NOT-FOR-US: Jenkins PaaSLane Estimate Plugin
 CVE-2023-50776 (Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane aut ...)
-	TODO: check
+	NOT-FOR-US: Jenkins PaaSLane Estimate Plugin
 CVE-2023-50775 (A cross-site request forgery (CSRF) vulnerability in Jenkins Deploymen ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Deployment Dashboard Plugin
 CVE-2023-50774 (A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResou ...)
-	TODO: check
+	NOT-FOR-US: Jenkins HTMLResource Plugin
 CVE-2023-50773 (Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask acce ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Dingding JSON Pusher Plugin
 CVE-2023-50772 (Jenkins Dingding JSON Pusher Plugin 2.0 and earlier stores access toke ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Dingding JSON Pusher Plugin
 CVE-2023-50771 (Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperl ...)
-	TODO: check
+	NOT-FOR-US: Jenkins OpenId Connect Authentication Plugin
 CVE-2023-50770 (Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins OpenId Connect Authentication Plugin
 CVE-2023-50769 (Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 a ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Nexus Platform Plugin
 CVE-2023-50768 (A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Pla ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Nexus Platform Plugin
 CVE-2023-50767 (Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 a ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Nexus Platform Plugin
 CVE-2023-50766 (A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Pla ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Nexus Platform Plugin
 CVE-2023-50765 (A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Scriptler Plugin
 CVE-2023-50764 (Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restr ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Scriptler Plugin
 CVE-2023-50441 (Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.20 ...)
-	TODO: check
+	NOT-FOR-US: PRIMX ZONECENTRAL
 CVE-2023-49363 (Rockoa <2.3.3 is vulnerable to SQL Injection. The problem exists in th ...)
 	TODO: check
 CVE-2023-49296 (The Arduino Create Agent allows users to use the Arduino Create applic ...)
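
Review bot: On CVE-2023-6723 the truncated description reads "Repbo ..." while the five entries below it (CVE-2023-6722 through CVE-2023-6718) spell the product "Repox", so the `NOT-FOR-US: Repox` tag on that entry cannot be confirmed from the visible text. Check the full description to confirm it is the same product before keeping the tag. The Open CMS pair (CVE-2023-6380, CVE-2023-6379) is tagged `NOT-FOR-US: Open CMS` without the vendor, although the CVE-2023-6379 description names "Alkacon Software Open CMS"; the SuperMailer and PRIMX entries do carry the vendor-style prefix, so consider matching that form. CVE-2023-6660, CVE-2023-6534 and CVE-2023-49363 stay at `TODO: check`, which matches the "some NFUs" scope of the commit message.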



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36bd9baad6baadf09dce103d93b5595bc7fb8388
