[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64447640 by Salvatore Bonaccorso at 2023-12-30T09:45:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
 CVE-2023-52257 (LogoBee 0.2 allows updates.php?id= XSS.)
-	TODO: check
+	NOT-FOR-US: LogoBee
 CVE-2023-52252 (Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua ...)
-	TODO: check
+	NOT-FOR-US: Unified Remote
 CVE-2023-52240 (The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 f ...)
-	TODO: check
+	NOT-FOR-US: Kantega SAML SSO OIDC Kerberos Single Sign-on apps
 CVE-2023-50559 (An issue was discovered in XiangShan v2.1, allows local attackers to o ...)
-	TODO: check
+	NOT-FOR-US: XiangShan
 CVE-2023-50071 (Sourcecodester Customer Support System 1.0 has multiple SQL injection  ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Customer Support System
 CVE-2023-50070 (Sourcecodester Customer Support System 1.0 has multiple SQL injection  ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Customer Support System
 CVE-2023-50069 (WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to s ...)
 	TODO: check
 CVE-2023-50035 (PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users l ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Small CRM
 CVE-2023-41544 (SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remot ...)
-	TODO: check
+	NOT-FOR-US: jeecg-boot
 CVE-2023-41543 (SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attack ...)
-	TODO: check
+	NOT-FOR-US: jeecg-boot
 CVE-2023-41542 (SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote ...)
-	TODO: check
+	NOT-FOR-US: jeecg-boot
 CVE-2023-38023 (An issue was discovered in SCONE Confidential Computing Platform befor ...)
-	TODO: check
+	NOT-FOR-US: SCONE Confidential Computing Platform
 CVE-2023-38022 (An issue was discovered in Fortanix EnclaveOS Confidential Computing M ...)
-	TODO: check
+	NOT-FOR-US: Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform
 CVE-2023-38021 (An issue was discovered in Fortanix EnclaveOS Confidential Computing M ...)
-	TODO: check
+	NOT-FOR-US: Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform
 CVE-2023-7171 (A vulnerability was found in Novel-Plus up to 4.2.0. It has been decla ...)
 	NOT-FOR-US: Novel-Plus
 CVE-2023-7166 (A vulnerability classified as problematic has been found in Novel-Plus ...)
@@ -69457,9 +69457,9 @@ CVE-2022-46489 (GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to
 CVE-2022-46488
 	RESERVED
 CVE-2022-46487 (Improper initialization of x87 and SSE floating-point configuration re ...)
-	TODO: check
+	NOT-FOR-US: SCONE
 CVE-2022-46486 (A lack of pointer-validation logic in the __scone_dispatch component o ...)
-	TODO: check
+	NOT-FOR-US: SCONE
 CVE-2022-46485 (Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and be ...)
 	NOT-FOR-US: ngSurvey
 CVE-2022-46484 (Information disclosure in password protected surveys in Data Illusion  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/644476406dfde6cb218347bca3b80588366b4eca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/644476406dfde6cb218347bca3b80588366b4eca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231230/0e09c5c6/attachment.htm>