[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 30 21:42:26 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
264f1f90 by Salvatore Bonaccorso at 2023-06-30T22:41:59+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-37365 (Hnswlib 0.7.0 has a double free in init_index when the M argumen
 CVE-2023-37360 (pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injec ...)
 	TODO: check
 CVE-2023-37307 (In MISP before 2.4.172, title_for_layout is not properly sanitized in  ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-37306 (MISP 2.4.172 mishandles different certificate file extensions in serve ...)
 	TODO: check
 CVE-2023-37305 (An issue was discovered in the ProofreadPage (aka Proofread Page) exte ...)
@@ -25,23 +25,23 @@ CVE-2023-37301 (An issue was discovered in SubmitEntityAction in Wikibase in Med
 CVE-2023-37300 (An issue was discovered in the CheckUserLog API in the CheckUser exten ...)
 	TODO: check
 CVE-2023-37299 (Joplin before 2.11.5 allows XSS via an AREA element of an image map.)
-	TODO: check
+	NOT-FOR-US: Joplin
 CVE-2023-37298 (Joplin before 2.11.5 allows XSS via a USE element in an SVG document.)
-	TODO: check
+	NOT-FOR-US: Joplin
 CVE-2023-36810 (pypdf is a pure-python PDF library capable of splitting, merging, crop ...)
 	TODO: check
 CVE-2023-36807 (pypdf is a pure-python PDF library capable of splitting, merging, crop ...)
 	TODO: check
 CVE-2023-36477 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-35178 (Certain HP LaserJet Pro print products are potentially vulnerable to B ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2023-35177 (Certain HP LaserJet Pro print products are potentially vulnerable to a ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2023-35176 (Certain HP LaserJet Pro print products are potentially vulnerable to B ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2023-35175 (Certain HP LaserJet Pro print products are potentially vulnerable to P ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2023-34840 (angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to c ...)
 	TODO: check
 CVE-2023-33276 (The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/264f1f904d4f265fe98d4a2912e195b0b1205a85

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/264f1f904d4f265fe98d4a2912e195b0b1205a85
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230630/8bfda7cf/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list