[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 26 21:21:53 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6f4d813 by Salvatore Bonaccorso at 2023-07-26T22:21:16+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2023-3622 (Access Control Bypass Vulnerability in the SolarWinds Platform that al ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-3242 (Allocation of Resources Without Limits or Throttling, Improper Initial ...)
-	TODO: check
+	NOT-FOR-US:  B&R Industrial Automation
 CVE-2023-39261 (In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesti ...)
 	TODO: check
 CVE-2023-38673 (PaddlePaddle before 2.5.0 has a command injection in fs.py. This resul ...)
@@ -19,21 +19,21 @@ CVE-2023-37624 (Netdisco before v2.063000 was discovered to contain an open redi
 CVE-2023-37623 (Netdisco before v2.063000 was discovered to contain a cross-site scrip ...)
 	TODO: check
 CVE-2023-37049 (emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\templat ...)
-	TODO: check
+	NOT-FOR-US: emlog
 CVE-2023-33802 (A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to caus ...)
-	TODO: check
+	NOT-FOR-US: SumatraPDF Reader
 CVE-2023-33308 (A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS ver ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2023-33229 (The SolarWinds Platform was susceptible to the Incorrect Input Neutral ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-33225 (The SolarWinds Platform was susceptible to the Incorrect Comparison Vu ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-33224 (The SolarWinds Platform was susceptible to the Incorrect Behavior Orde ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-31466 (An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Conf ...)
-	TODO: check
+	NOT-FOR-US: FSMLabs TimeKeeper
 CVE-2023-31465 (An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. B ...)
-	TODO: check
+	NOT-FOR-US: FSMLabs TimeKeeper
 CVE-2023-3442 (A missing authorization vulnerability exists in versions of the Jenkin ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2023-3414 (A cross-site request forgery vulnerability exists in versions of the J ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6f4d8130df9edb2530ced7653f9e6830275ad83

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6f4d8130df9edb2530ced7653f9e6830275ad83
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230726/129ed271/attachment.htm>

More information about the debian-security-tracker-commits mailing list