[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 13 21:18:58 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5409a29 by Salvatore Bonaccorso at 2023-06-13T22:18:27+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2023-3224 (Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3.)
-	TODO: check
+	NOT-FOR-US: Nuxt
 CVE-2023-3218 (Race Condition within a Thread in GitHub repository it-novum/openitcoc ...)
 	TODO: check
 CVE-2023-3050 (Reliance on Cookies without Validation and Integrity Checking in a Sec ...)
-	TODO: check
+	NOT-FOR-US: TMT Lockcell
 CVE-2023-3049 (Unrestricted Upload of File with Dangerous Type vulnerability in TMT L ...)
-	TODO: check
+	NOT-FOR-US: TMT Lockcell
 CVE-2023-3048 (Authorization Bypass Through User-Controlled Key vulnerability in TMT  ...)
-	TODO: check
+	NOT-FOR-US: TMT Lockcell
 CVE-2023-3047 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: TMT Lockcell
 CVE-2023-35064 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Satos Satos Mobile
 CVE-2023-34965 (SSPanel-Uim 2023.3 does not restrict access to the /link/ interface wh ...)
 	TODO: check
 CVE-2023-34249 (benjjvi/PyBB is an open source bulletin board. Prior to commit dcaeccd ...)
-	TODO: check
+	NOT-FOR-US: benjjvi/PyBB
 CVE-2023-34247 (Keystone is a content management system for Node.JS. There is an open  ...)
-	TODO: check
+	NOT-FOR-US: Keystone CMS
 CVE-2023-34122 (Improper input validation  in the installer for Zoom for Windows clien ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-34121 (Improper input validation  in the Zoom for Windows, Zoom Rooms, Zoom V ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-34120 (Improper privilege management in Zoom for Windows, Zoom Rooms for Wind ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-34115 (Buffer copy without checking size of input  in Zoom Meeting SDK  befor ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-34114 (Exposure of resource to wrong sphere in Zoom for Windows and Zoom for  ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-34113 (Insufficient verification of data authenticity  in Zoom for Windows cl ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-33921 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...)
 	TODO: check
 CVE-2023-33920 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...)
@@ -37,27 +37,27 @@ CVE-2023-33920 (A vulnerability has been identified in CP-8031 MASTER MODULE (Al
 CVE-2023-33919 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...)
 	TODO: check
 CVE-2023-33695 (Hutool v5.8.17 and below was discovered to contain an information disc ...)
-	TODO: check
+	NOT-FOR-US: Hutool
 CVE-2023-33621 (GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication ...)
-	TODO: check
+	NOT-FOR-US: GL.iNET GL-AR750S-Ext firmware
 CVE-2023-33620 (GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its ...)
-	TODO: check
+	NOT-FOR-US: GL.iNET GL-AR750S-Ext firmware
 CVE-2023-33568 (An issue in Dolibarr v16.0.0 to v16.0.5 allows unauthenticated attacke ...)
 	TODO: check
 CVE-2023-33305 (A loop with unreachable exit condition ('infinite loop') in Fortinet F ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2023-33124 (A vulnerability has been identified in JT2Go (All versions < V14.2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-33123 (A vulnerability has been identified in JT2Go (All versions < V14.2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-33122 (A vulnerability has been identified in JT2Go (All versions < V14.2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-33121 (A vulnerability has been identified in JT2Go (All versions < V14.2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-32548 (OS command injection vulnerability exists in WPS Office version 10.8.0 ...)
 	TODO: check
 CVE-2023-32546 (Code injection vulnerability exists in Chatwork Desktop Application (M ...)
-	TODO: check
+	NOT-FOR-US: Chatwork Desktop Application
 CVE-2023-31541 (A unrestricted file upload vulnerability was discovered in the \u2018B ...)
 	TODO: check
 CVE-2023-31439 (An issue was discovered in systemd 253. An attacker can modify the con ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5409a29378f21c1ce55f0e9fc64afc4df2ab6d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5409a29378f21c1ce55f0e9fc64afc4df2ab6d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230613/7acc98b7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list