[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 18 09:09:56 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80a4e056 by Salvatore Bonaccorso at 2023-02-18T10:09:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2023-26022
 CVE-2023-26021
 	RESERVED
 CVE-2023-26020 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: CrafterCMS
 CVE-2023-26019
 	RESERVED
 CVE-2023-26018
@@ -241,7 +241,7 @@ CVE-2023-0885
 CVE-2023-0884
 	RESERVED
 CVE-2023-0883 (A vulnerability has been found in SourceCodester Online Pizza Ordering ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Pizza Ordering System
 CVE-2023-25943
 	RESERVED
 CVE-2023-25942
@@ -285,7 +285,7 @@ CVE-2023-22330
 CVE-2023-22329
 	RESERVED
 CVE-2023-0882 (Improper Input Validation, Authorization Bypass Through User-Controlle ...)
-	TODO: check
+	NOT-FOR-US: Kron Tech Single Connect
 CVE-2023-0881
 	RESERVED
 CVE-2023-0880 (Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prio ...)
@@ -768,7 +768,7 @@ CVE-2023-25759
 CVE-2023-25758 (Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.1 ...)
 	NOT-FOR-US: Onekey
 CVE-2023-0822 (The affected product DIAEnergie (versions prior to v1.9.03.001) contai ...)
-	TODO: check
+	NOT-FOR-US: DIAEnergie
 CVE-2023-0821 (HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 job ...)
 	- nomad <unfixed>
 	[bullseye] - nomad <no-dsa> (Minor issue)
@@ -3600,7 +3600,7 @@ CVE-2023-24787
 CVE-2023-24786
 	RESERVED
 CVE-2023-24785 (An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a de ...)
-	TODO: check
+	NOT-FOR-US: Giorgio Tani peazip
 CVE-2023-24784
 	RESERVED
 CVE-2023-24783
@@ -4754,7 +4754,7 @@ CVE-2023-24390
 CVE-2023-24389
 	RESERVED
 CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking ca ...)
-	TODO: check
+	NOT-FOR-US: WpDevArt Booking calendar, Appointment Booking System plugin
 CVE-2023-24387
 	RESERVED
 CVE-2023-24386
@@ -4838,7 +4838,7 @@ CVE-2023-24371
 CVE-2023-24370
 	RESERVED
 CVE-2023-24369 (A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows atta ...)
-	TODO: check
+	NOT-FOR-US: UJCMS
 CVE-2023-24368
 	RESERVED
 CVE-2023-24367
@@ -8386,7 +8386,7 @@ CVE-2023-23066
 CVE-2023-23065
 	RESERVED
 CVE-2023-23064 (TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Acce ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-23063
 	RESERVED
 CVE-2023-23062



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80a4e056a5aa3b57ee63c5ddcd4c1fb978776cb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80a4e056a5aa3b57ee63c5ddcd4c1fb978776cb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230218/74121dae/attachment.htm>


More information about the debian-security-tracker-commits mailing list