[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 25 09:26:01 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f0d643f by Salvatore Bonaccorso at 2023-07-25T10:25:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40,29 +40,29 @@ CVE-2023-38745 (Pandoc before 3.1.6 allows arbitrary file write: this can be tri
 	- pandoc <not-affected> (Incomplete fixes for CVE-2023-35936 not applied)
 	NOTE: https://github.com/jgm/pandoc/commit/eddedbfc14916aa06fc01ff04b38aeb30ae2e625 (3.1.6)
 CVE-2023-37361 (REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via schedu ...)
-	TODO: check
+	NOT-FOR-US: REDCap
 CVE-2023-35088 (Improper Neutralization of Special Elements Used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Apache InLong
 CVE-2023-35078 (Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, throu ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2023-35067 (Plaintext Storage of a Password vulnerability in Infodrom Software E-I ...)
-	TODO: check
+	NOT-FOR-US: Infodrom
 CVE-2023-35066 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Infodrom
 CVE-2023-34434 (Deserialization of Untrusted Data Vulnerability in Apache Software Fou ...)
-	TODO: check
+	NOT-FOR-US: Apache InLong
 CVE-2023-34189 (Exposure of Resource to Wrong Sphere Vulnerability in Apache Software  ...)
-	TODO: check
+	NOT-FOR-US: Apache InLong
 CVE-2023-33777 (An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.2 ...)
-	TODO: check
+	NOT-FOR-US: Prestashop
 CVE-2023-32639 (Applicant Programme Ver.7.06 and earlier improperly restricts XML exte ...)
-	TODO: check
+	NOT-FOR-US: Applicant Programme
 CVE-2023-32637 (GBrowse accepts files with any formats uploaded and places them in the ...)
 	TODO: check
 CVE-2023-32232 (An issue was discovered in Vasion PrinterLogic Client for Windows befo ...)
-	TODO: check
+	NOT-FOR-US: Vasion
 CVE-2023-32231 (An issue was discovered in Vasion PrinterLogic Client for Windows befo ...)
-	TODO: check
+	NOT-FOR-US: Vasion
 CVE-2023-38289 [libtiff: integer overflow in tiffcp.c]
 	- tiff <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2224974



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f0d643f077e90fc15643bdaed33f592802a19be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f0d643f077e90fc15643bdaed33f592802a19be
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230725/4377e7fc/attachment.htm>

More information about the debian-security-tracker-commits mailing list