[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jul 9 06:21:10 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c61ac91 by Salvatore Bonaccorso at 2023-07-09T07:20:47+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,27 +3,27 @@ CVE-2023-3566 (A vulnerability was found in wallabag 2.5.4. It has been declared
 CVE-2023-3565 (Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampass ...)
 	- teampass <itp> (bug #730180)
 CVE-2023-3564 (A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System  ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts GZ Multi Hotel Booking System
 CVE-2023-3563 (A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts GZ E Learning Platform
 CVE-2023-3562 (A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and  ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts PHP CRM Platform
 CVE-2023-3561 (A vulnerability, which was classified as problematic, was found in GZ  ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts PHP GZ Hotel Booking Script
 CVE-2023-3560 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts Ticket Booking Script
 CVE-2023-3559 (A vulnerability classified as problematic was found in GZ Scripts PHP  ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts PHP GZ Appointment Scheduling Script
 CVE-2023-3558 (A vulnerability classified as problematic has been found in GZ Scripts ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts Event Booking Calendar
 CVE-2023-3557 (A vulnerability was found in GZ Scripts Property Listing Script 1.0. I ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts Property Listing Script
 CVE-2023-3556 (A vulnerability was found in GZ Scripts Car Listing Script PHP 1.8. It ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts Car Listing Script PHP
 CVE-2023-3555 (A vulnerability was found in GZ Scripts PHP Vacation Rental Script 1.8 ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts PHP Vacation Rental Script
 CVE-2023-3554 (A vulnerability was found in GZ Scripts GZ Forum Script 1.8 and classi ...)
-	TODO: check
+	NOT-FOR-US: GZ Scripts GZ Forum Script
 CVE-2023-3553 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
 	- teampass <itp> (bug #730180)
 CVE-2023-3552 (Improper Encoding or Escaping of Output in GitHub repository nilsteamp ...)
@@ -9423,15 +9423,15 @@ CVE-2023-30451
 CVE-2023-30450 (rpk in Redpanda before 23.1.2 mishandles the redpanda.rpc_server_tls f ...)
 	NOT-FOR-US: Redpanda
 CVE-2023-30449 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30448 (IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30447 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30446 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30445 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30444 (IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulne ...)
 	NOT-FOR-US: IBM
 CVE-2023-30443
@@ -17363,11 +17363,11 @@ CVE-2023-27871 (IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain
 CVE-2023-27870 (IBM Spectrum Virtualize 8.5, under certain circumstances, could disclo ...)
 	NOT-FOR-US: IBM
 CVE-2023-27869 (IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, an ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27868 (IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, an ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27867 (IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, an ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27866 (IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code e ...)
 	NOT-FOR-US: IBM
 CVE-2023-27865
@@ -138387,7 +138387,7 @@ CVE-2021-39016 (IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6
 CVE-2021-39015 (IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7. ...)
 	NOT-FOR-US: IBM
 CVE-2021-39014 (IBM Cloud Object System 3.15.8.97 is vulnerable to stored cross-site s ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-39013 (IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could  ...)
 	NOT-FOR-US: IBM
 CVE-2021-39012
@@ -245817,7 +245817,7 @@ CVE-2020-8936 (An arbitrary memory overwrite vulnerability in Asylo versions up
 CVE-2020-8935 (An arbitrary memory overwrite vulnerability in Asylo versions up to 0. ...)
 	NOT-FOR-US: Asylo
 CVE-2020-8934 (The Site Kit by Google plugin for WordPress is vulnerable to Sensitive ...)
-	TODO: check
+	NOT-FOR-US: Site Kit by Google plugin for WordPress
 CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
 	- google-compute-image-packages <removed> (bug #987353)
 	[buster] - google-compute-image-packages <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c61ac916ab8c821368133e3ec85130c5979eb4d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c61ac916ab8c821368133e3ec85130c5979eb4d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230709/5d6e793b/attachment.htm>

More information about the debian-security-tracker-commits mailing list