[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 6 20:22:03 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6fa5b6b4 by Salvatore Bonaccorso at 2023-03-06T21:21:16+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2023-1205
 CVE-2023-1204
 	RESERVED
 CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of Hub Bu ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2023-1202
 	RESERVED
 CVE-2023-1201
@@ -39,7 +39,7 @@ CVE-2023-1191 (A vulnerability classified as problematic has been found in fastc
 CVE-2023-1190 (A vulnerability was found in xiaozhuai imageinfo up to 3.0.3. It has b ...)
 	TODO: check
 CVE-2023-1189 (A vulnerability was found in WiseCleaner Wise Folder Hider 4.4.3.202.  ...)
-	TODO: check
+	NOT-FOR-US: WiseCleaner Wise Folder Hider
 CVE-2023-1188 (A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8. ...)
 	TODO: check
 CVE-2023-1187 (A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8. ...)
@@ -47,7 +47,7 @@ CVE-2023-1187 (A vulnerability was found in FabulaTech Webcam for Remote Desktop
 CVE-2023-1186 (A vulnerability has been found in FabulaTech Webcam for Remote Desktop ...)
 	TODO: check
 CVE-2023-1185 (A vulnerability, which was classified as problematic, was found in ECs ...)
-	TODO: check
+	NOT-FOR-US: ECshop
 CVE-2020-36666
 	RESERVED
 CVE-2023-XXXX [Transaction cache overrides the current user]
@@ -581,7 +581,7 @@ CVE-2023-1175 (Incorrect Calculation of Buffer Size in GitHub repository vim/vim
 	NOTE: https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e
 	NOTE: https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba (v9.0.1378)
 CVE-2022-4930 (A vulnerability classified as problematic was found in nuxsmin sysPass ...)
-	TODO: check
+	NOT-FOR-US: nuxsmin sysPass
 CVE-2017-20181
 	RESERVED
 CVE-2017-20180 (A vulnerability classified as critical has been found in Zerocoin libz ...)
@@ -589,7 +589,7 @@ CVE-2017-20180 (A vulnerability classified as critical has been found in Zerocoi
 CVE-2015-10095
 	RESERVED
 CVE-2015-10094 (A vulnerability was found in Fastly Plugin up to 0.97. It has been rat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2015-10093 (A vulnerability was found in Mark User as Spammer Plugin 1.0.0/1.0.1.  ...)
 	NOT-FOR-US: Mark User as Spammer Plugin
 CVE-2015-10092 (A vulnerability was found in Qtranslate Slug Plugin up to 1.1.16. It h ...)
@@ -5269,7 +5269,7 @@ CVE-2023-0841 (A vulnerability, which was classified as critical, has been found
 CVE-2023-0840 (A vulnerability classified as problematic was found in PHPCrazy 1.1.1. ...)
 	NOT-FOR-US: PHPCrazy
 CVE-2023-0839 (Improper Protection for Outbound Error Messages and Alert Signals vuln ...)
-	TODO: check
+	NOT-FOR-US: ProMIS Process Co. InSCADA
 CVE-2023-0838
 	RESERVED
 CVE-2023-0837
@@ -15267,7 +15267,7 @@ CVE-2017-20154 (A vulnerability was found in ghostlander Phoenixcoin. It has bee
 CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in GitHub  ...)
 	NOT-FOR-US: usememos
 CVE-2022-4862 (Rendering of HTML provided by another authenticated user is possible i ...)
-	TODO: check
+	NOT-FOR-US: M-Files Web
 CVE-2022-4861 (Incorrect implementation in authentication protocol in M-Files Client  ...)
 	NOT-FOR-US: M-Files
 CVE-2022-4860 (A vulnerability was found in KBase Metrics. It has been classified as  ...)
@@ -39606,7 +39606,7 @@ CVE-2022-3286 (Lack of IP address checking in GitLab EE affecting all versions f
 CVE-2022-3285 (Bypass of healthcheck endpoint allow list affecting all versions from  ...)
 	- gitlab <unfixed>
 CVE-2022-3284 (Download key for a file in a vault was passed in an insecure way that  ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2022-3283 (A potential DOS vulnerability was discovered in GitLab CE/EE affecting ...)
 	- gitlab <unfixed>
 CVE-2022-3282 (The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 ...)
@@ -58778,7 +58778,7 @@ CVE-2022-2180 (The GREYD.SUITE WordPress theme does not properly validate upload
 CVE-2022-2179 (The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 ...)
 	NOT-FOR-US: Rockwell
 CVE-2022-2178 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
-	TODO: check
+	NOT-FOR-US: Saysis Computer Starcities
 CVE-2022-2177 (Kayrasoft product before version 2 has an unauthenticated SQL Injectio ...)
 	NOT-FOR-US: Kayrasoft
 CVE-2022-2176 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fa5b6b4d35113c420ea8191c83e1d35f6f64d26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fa5b6b4d35113c420ea8191c83e1d35f6f64d26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230306/03523fe1/attachment.htm>

More information about the debian-security-tracker-commits mailing list