[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 23 21:33:29 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbb9467b by Salvatore Bonaccorso at 2023-06-23T22:33:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2023-3394 (Session Fixation in GitHub repository fossbilling/fossbilling prior to ...)
-	TODO: check
+	NOT-FOR-US: fossbilling
 CVE-2023-3393 (Code Injection in GitHub repository fossbilling/fossbilling prior to 0 ...)
-	TODO: check
+	NOT-FOR-US: fossbilling
 CVE-2023-3391 (A vulnerability was found in SourceCodester Human Resource Management  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Human Resource Management System
 CVE-2023-3383 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Game Result Matrix System
 CVE-2023-3382 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Game Result Matrix System
 CVE-2023-3381 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online School Fees System
 CVE-2023-3380 (A vulnerability classified as critical has been found in Wavlink WN579 ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2023-3304 (Improper Access Control in GitHub repository admidio/admidio prior to  ...)
-	TODO: check
+	NOT-FOR-US: admidio
 CVE-2023-3303 (Improper Access Control in GitHub repository admidio/admidio prior to  ...)
-	TODO: check
+	NOT-FOR-US: admidio
 CVE-2023-3302 (Improper Neutralization of Formula Elements in a CSV File in GitHub re ...)
-	TODO: check
+	NOT-FOR-US: admidio
 CVE-2023-36348 (POS Codekop v2.0 was discovered to contain an authenticated remote cod ...)
-	TODO: check
+	NOT-FOR-US: POS Codekop
 CVE-2023-36346 (POS Codekop v2.0 was discovered to contain a reflected cross-site scri ...)
-	TODO: check
+	NOT-FOR-US: POS Codekop
 CVE-2023-36345 (A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attacke ...)
-	TODO: check
+	NOT-FOR-US: POS Codekop
 CVE-2023-36289 (An unauthenticated Cross-Site Scripting (XSS) vulnerability found in W ...)
 	TODO: check
 CVE-2023-36288 (An unauthenticated Cross-Site Scripting (XSS) vulnerability found in W ...)
@@ -45,49 +45,49 @@ CVE-2023-35931 (Shescape is a simple shell escape library for JavaScript. An att
 CVE-2023-35925 (FastAsyncWorldEdit (FAWE) is designed for efficient world editing. Thi ...)
 	TODO: check
 CVE-2023-35759 (In Progress WhatsUp Gold before 23.0.0, an SNMP-related application en ...)
-	TODO: check
+	NOT-FOR-US: Progress WhatsUp Gold
 CVE-2023-35167 (Remult is a CRUD framework for full-stack TypeScript. If you used the  ...)
 	TODO: check
 CVE-2023-35162 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35161 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35160 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35159 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35158 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35157 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35156 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35155 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35153 (XWiki Platform is a generic wiki platform. Starting in version 5.4.4 a ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35152 (XWiki Platform is a generic wiki platform. Starting in version 12.9-rc ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35151 (XWiki Platform is a generic wiki platform. Starting in version 7.3-mil ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35150 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35048 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mage ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34673 (Elenos ETG150 FM transmitter running on version 3.12 was discovered to ...)
-	TODO: check
+	NOT-FOR-US: Elenos ETG150 FM transmitter
 CVE-2023-34672 (Improper Access Control leads to adding a high-privilege user affectin ...)
-	TODO: check
+	NOT-FOR-US: Elenos ETG150 FM transmitter
 CVE-2023-34671 (Improper Access Control leads to privilege escalation affecting Elenos ...)
-	TODO: check
+	NOT-FOR-US: Elenos ETG150 FM transmitter
 CVE-2023-34467 (XWiki Platform is a generic wiki platform. Starting in version 3.5-mil ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-34466 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-34465 (XWiki Platform is a generic wiki platform. Starting in version 11.8-rc ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-34464 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-34460 (Tauri is a framework for building binaries for all major desktop platf ...)
 	TODO: check
 CVE-2023-34203 (In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbb9467b4a646bae0b18e522461c3f6e1c2f142d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbb9467b4a646bae0b18e522461c3f6e1c2f142d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230623/a30bb407/attachment.htm>


More information about the debian-security-tracker-commits mailing list