[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Feb 7 09:20:19 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e4fc302 by Moritz Muehlenhoff at 2023-02-07T10:19:54+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4256,7 +4256,7 @@ CVE-2023-23851
 CVE-2023-23850
 	RESERVED
 CVE-2023-23849 (Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an u ...)
-	TODO: check
+	NOT-FOR-US: Coverity
 CVE-2023-23848
 	RESERVED
 CVE-2023-23847
@@ -5958,7 +5958,7 @@ CVE-2023-23335
 CVE-2023-23334
 	RESERVED
 CVE-2023-23333 (There is a command injection vulnerability in SolarView Compact throug ...)
-	TODO: check
+	NOT-FOR-US: SolarView
 CVE-2023-23332
 	RESERVED
 CVE-2023-23331 (Amano Xoffice parking solutions 7.1.3879 is vulnerable to SQL Injectio ...)
@@ -7732,7 +7732,7 @@ CVE-2023-22748
 CVE-2023-22747
 	RESERVED
 CVE-2023-22746 (CKAN is an open-source DMS (data management system) for powering data  ...)
-	TODO: check
+	NOT-FOR-US: CKAN
 CVE-2023-22745 (tpm2-tss is an open source software implementation of the Trusted Comp ...)
 	- tpm2-tss <unfixed> (bug #1029369)
 	[bullseye] - tpm2-tss <no-dsa> (Minor issue)
@@ -8928,7 +8928,7 @@ CVE-2018-25058 (A vulnerability classified as problematic has been found in Twit
 CVE-2023-22475 (Canarytokens is an open source tool which helps track activity and act ...)
 	NOT-FOR-US: canarytokens
 CVE-2023-22474 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Node parse-server
 CVE-2023-22473 (Talk-Android enables users to have video & audio calls through Nex ...)
 	NOT-FOR-US: Talk-Android
 CVE-2023-22472 (Deck is a kanban style organization tool aimed at personal planning an ...)
@@ -83965,7 +83965,7 @@ CVE-2022-23500 (TYPO3 is an open source PHP based web content management system.
 CVE-2022-23499 (HTML sanitizer is written in PHP, aiming to provide XSS-safe markup ba ...)
 	TODO: check
 CVE-2022-23498 (Grafana is an open-source platform for monitoring and observability. W ...)
-	- grafana <removed>
+	- grafana <not-affected> (Specific to Grafana Enterprise)
 CVE-2022-23497 (FreshRSS is a free, self-hostable RSS aggregator. User configuration f ...)
 	NOT-FOR-US: FreshRSS
 CVE-2022-23496 (Yet Another UserAgent Analyzer (Yauaa) is a java library that tries to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e4fc302949c10ac1c14227c00d7faaf26d36052

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e4fc302949c10ac1c14227c00d7faaf26d36052
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230207/8f2f56f9/attachment.htm>

More information about the debian-security-tracker-commits mailing list