[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Jan 28 12:34:29 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6baf8cf9 by Salvatore Bonaccorso at 2023-01-28T13:33:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2627,23 +2627,23 @@ CVE-2023-23626
 CVE-2023-23625
 	RESERVED
 CVE-2023-23624 (Discourse is an open-source discussion platform. Prior to version 3.0. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-23623
 	RESERVED
 CVE-2023-23622
 	RESERVED
 CVE-2023-23621 (Discourse is an open-source discussion platform. Prior to version 3.0. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-23620 (Discourse is an open-source discussion platform. Prior to version 3.0. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-23619 (Modelina is a library for generating data models based on inputs such  ...)
 	TODO: check
 CVE-2023-23618
 	RESERVED
 CVE-2023-23617 (OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and  ...)
-	TODO: check
+	NOT-FOR-US: OpenMage LTS
 CVE-2023-23616 (Discourse is an open-source discussion platform. Prior to version 3.0. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-23615
 	RESERVED
 CVE-2023-23614 (Pi-hole®'s Web interface (based off of AdminLTE) provides a centr ...)
@@ -6719,11 +6719,11 @@ CVE-2022-48120 (SQL Injection vulnerability in kishan0725 Hospital Management Sy
 CVE-2022-48119
 	RESERVED
 CVE-2022-48118 (Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vul ...)
-	TODO: check
+	NOT-FOR-US: Jorani
 CVE-2022-48117
 	RESERVED
 CVE-2022-48116 (AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE)  ...)
-	TODO: check
+	NOT-FOR-US: AyaCMS
 CVE-2022-48115
 	RESERVED
 CVE-2022-48114
@@ -6739,9 +6739,9 @@ CVE-2022-48110
 CVE-2022-48109
 	RESERVED
 CVE-2022-48108 (D-Link DIR_878_FW1.30B08 was discovered to contain a command injection ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-48107 (D-Link DIR_878_FW1.30B08 was discovered to contain a command injection ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-48106
 	RESERVED
 CVE-2022-48105
@@ -6809,13 +6809,13 @@ CVE-2022-48075
 CVE-2022-48074
 	RESERVED
 CVE-2022-48073 (Phicomm K2 v22.6.534.263 was discovered to store the root and admin pa ...)
-	TODO: check
+	NOT-FOR-US: Phicomm
 CVE-2022-48072 (Phicomm K2G v22.6.3.20 was discovered to contain a command injection v ...)
-	TODO: check
+	NOT-FOR-US: Phicomm
 CVE-2022-48071 (Phicomm K2 v22.6.534.263 was discovered to store the root and admin pa ...)
-	TODO: check
+	NOT-FOR-US: Phicomm
 CVE-2022-48070 (Phicomm K2 v22.6.534.263 was discovered to contain a command injection ...)
-	TODO: check
+	NOT-FOR-US: Phicomm
 CVE-2022-48069 (Totolink A830R V4.1.2cu.5182 was discovered to contain a command injec ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2022-48068



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6baf8cf98e52003d1c7fd64fbdd54da84704d179

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6baf8cf98e52003d1c7fd64fbdd54da84704d179
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230128/1e071187/attachment.htm>
