[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 29 12:30:56 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
004cdb19 by Salvatore Bonaccorso at 2023-12-29T13:29:22+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2023-52174 (XnView Classic before 2.51.3 on Windows has a Write Access Viola
CVE-2023-52173 (XnView Classic before 2.51.3 on Windows has a Write Access Violation a ...)
NOT-FOR-US: XnView
CVE-2023-52152 (mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read ...)
- TODO: check
+ NOT-FOR-US: mUPNP
CVE-2023-52085 (Winter is a free, open-source content management system. Users with ac ...)
NOT-FOR-US: Winter CMS
CVE-2023-52084 (Winter is a free, open-source content management system. Prior to 1.2. ...)
@@ -127,7 +127,7 @@ CVE-2023-52082 (Lychee is a free photo-management tool. Prior to 5.0.2, Lychee
CVE-2023-52081 (ffcss is a CLI interface to apply and configure Firefox CSS themes. Pr ...)
NOT-FOR-US: ffcss
CVE-2023-52079 (msgpackr is a fast MessagePack NodeJS/JavaScript implementation. Prior ...)
- TODO: check
+ NOT-FOR-US: msgpackr Node.js module
CVE-2023-51501 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress theme
CVE-2023-50874 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -58062,7 +58062,7 @@ CVE-2023-23636 (In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vul
CVE-2023-23635 (In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnera ...)
- jellyfin <itp> (bug #994189)
CVE-2023-23634 (SQL Injection vulnerability in Documize version 5.4.2, allows remote a ...)
- TODO: check
+ NOT-FOR-US: Documize
CVE-2023-23633
RESERVED
CVE-2023-23632 (BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/004cdb19c6199d65cb04fb2a1e89d8cc05a29a97
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/004cdb19c6199d65cb04fb2a1e89d8cc05a29a97
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231229/c327488a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list