[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Mar 18 08:18:03 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec5ed5b4 by Salvatore Bonaccorso at 2023-03-18T09:17:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1568,7 +1568,7 @@ CVE-2023-28118
 CVE-2023-28117
 	RESERVED
 CVE-2023-28116 (Contiki-NG is an open-source, cross-platform operating system for inte ...)
-	TODO: check
+	NOT-FOR-US: Contiki-NG
 CVE-2023-28115 (Snappy is a PHP library allowing thumbnail, snapshot or PDF generation ...)
 	TODO: check
 CVE-2023-28114
@@ -1576,19 +1576,19 @@ CVE-2023-28114
 CVE-2023-28113 (russh is a Rust SSH client and server library. Starting in version 0.3 ...)
 	TODO: check
 CVE-2023-28112 (Discourse is an open-source discussion platform. Prior to version 3.1. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-28111 (Discourse is an open-source discussion platform. Prior to version 3.1. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-28110 (Jumpserver is a popular open source bastion host, and Koko is a Jumpse ...)
 	TODO: check
 CVE-2023-28109 (Play With Docker is a browser-based Docker playground. Versions 0.0.2  ...)
 	TODO: check
 CVE-2023-28108 (Pimcore is an open source data and experience management platform. Pri ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2023-28107 (Discourse is an open-source discussion platform. Prior to version 3.0. ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-28106 (Pimcore is an open source data and experience management platform. Pri ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2023-28105 (go-used-util has commonly used utility functions for Go. Versions prio ...)
 	TODO: check
 CVE-2023-28104 (`silverstripe/graphql` serves Silverstripe data as GraphQL representat ...)
@@ -2231,7 +2231,7 @@ CVE-2023-1258
 CVE-2023-1257 (An attacker with physical access to the affected Moxa UC Series device ...)
 	NOT-FOR-US: Moxa UC Series devices
 CVE-2023-1256 (The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server ar ...)
-	TODO: check
+	NOT-FOR-US: AVEVA Plant SCADA and AVEVA Telemetry Server
 CVE-2023-1255
 	RESERVED
 CVE-2023-1254 (A vulnerability has been found in SourceCodester Health Center Patient ...)
@@ -2817,15 +2817,15 @@ CVE-2023-27713
 CVE-2023-27712
 	RESERVED
 CVE-2023-27711 (Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a r ...)
-	TODO: check
+	NOT-FOR-US: Typecho
 CVE-2023-27710
 	RESERVED
 CVE-2023-27709 (SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2023-27708
 	RESERVED
 CVE-2023-27707 (SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2023-27706
 	RESERVED
 CVE-2023-27705



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec5ed5b4491bc914968dcd2f1b0067c57c4fc216

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec5ed5b4491bc914968dcd2f1b0067c57c4fc216
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230318/5abbbf39/attachment.htm>
