[Git][security-tracker-team/security-tracker][master] Process NFUs

Sat May 27 10:29:39 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95468eec by Salvatore Bonaccorso at 2023-05-27T11:28:54+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2023-33199 (Rekor's goals are to provide an immutable tamper resistant ledger of m ...)
 	TODO: check
 CVE-2023-33196 (Craft is a CMS for creating custom digital experiences. Cross site scr ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2023-33195 (Craft is a CMS for creating custom digital experiences on the web. A m ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2023-33194 (Craft is a CMS for creating custom digital experiences on the web.The  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2023-33192 (ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not val ...)
 	TODO: check
 CVE-2023-33188 (Omni-notes is an open source note-taking application for Android. The  ...)
@@ -13,11 +13,11 @@ CVE-2023-33188 (Omni-notes is an open source note-taking application for Android
 CVE-2023-33187 (Highlight is an open source, full-stack monitoring platform. Highlight ...)
 	TODO: check
 CVE-2023-33184 (Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Mail
 CVE-2023-32688 (parse-server-push-adapter is the official Push Notification adapter fo ...)
 	TODO: check
 CVE-2023-32686 (Kiwi TCMS is an open source test management system for both manual and ...)
-	TODO: check
+	NOT-FOR-US: Kiwi TCMS
 CVE-2023-32676 (Autolab is a course management service that enables auto-graded progra ...)
 	TODO: check
 CVE-2023-32325 (PostHog-js is a library to interface with the PostHog analytics tool.  ...)
@@ -31,7 +31,7 @@ CVE-2023-32317 (Autolab is a course management service that enables auto-graded
 CVE-2023-32316 (CloudExplorer Lite is an open source cloud management tool. In affecte ...)
 	TODO: check
 CVE-2023-32315 (Openfire is an XMPP server licensed under the Open Source Apache Licen ...)
-	TODO: check
+	NOT-FOR-US: Ignite Realtime Openfire
 CVE-2023-32311 (CloudExplorer Lite is an open source cloud management platform. In Clo ...)
 	TODO: check
 CVE-2023-32307 (Sofia-SIP is an open-source SIP User-Agent library, compliant with the ...)
@@ -41,7 +41,7 @@ CVE-2023-2924 (A vulnerability, which was classified as critical, has been found
 CVE-2023-2923 (A vulnerability classified as critical was found in Tenda AC6 US_AC6V1 ...)
 	NOT-FOR-US: Tenda
 CVE-2023-2922 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Comment System
 CVE-2023-2825 (An issue has been discovered in GitLab CE/EE affecting only version 16 ...)
 	TODO: check
 CVE-2023-2898 (There is a null-pointer-dereference flaw found in f2fs_write_end_io in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95468eec556540358c7eade80eb9de09f13efb5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95468eec556540358c7eade80eb9de09f13efb5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230527/5c8043e6/attachment-0001.htm>
