[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 2 20:00:29 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6adb3910 by Salvatore Bonaccorso at 2023-11-02T20:57:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,9 +4,9 @@ CVE-2023-XXXX [VLC: OOW in MMS URL parsing]
 CVE-2023-5910 (A vulnerability was found in PopojiCMS 2.0.1 and classified as problem ...)
 	NOT-FOR-US: PopojiCMS
 CVE-2023-47204 (Unsafe YAML deserialization in yaml.Loader in transmute-core before 1. ...)
-	TODO: check
+	NOT-FOR-US: transmute-core
 CVE-2023-46595 (Net-NTLM leak in Fireflow A32.20 and A32.50 allows an attackerto obtai ...)
-	TODO: check
+	NOT-FOR-US: Fireflow
 CVE-2023-46448 (Reflected Cross-Site Scripting (XSS) vulnerability in dmpop Mejiro Com ...)
 	NOT-FOR-US: dmpop Mejiro
 CVE-2023-46428 (An arbitrary file upload vulnerability in HadSky v7.12.10 allows attac ...)
@@ -48,7 +48,7 @@ CVE-2023-44954 (Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows
 CVE-2023-44025 (SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and befo ...)
 	NOT-FOR-US: Addifyfreegifts
 CVE-2023-39281 (A stack buffer overflow vulnerability discovered in AsfSecureBootDxe i ...)
-	TODO: check
+	NOT-FOR-US: Insyde InsydeH2O
 CVE-2023-5849 (Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allow ...)
 	- chromium 119.0.6045.105-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
@@ -68994,7 +68994,7 @@ CVE-2023-20116 (A vulnerability in the Administrative XML Web Service (AXL) API
 CVE-2023-20115 (A vulnerability in the SFTP server implementation for Cisco Nexus 3000 ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20114 (A vulnerability in the file download feature of Cisco Firepower Manage ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20113 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20112 (A vulnerability in Cisco access point (AP) software could allow an una ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6adb3910feb46de9b617764287c0fea66cd8f193

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6adb3910feb46de9b617764287c0fea66cd8f193
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231102/ff85bdba/attachment.htm>

More information about the debian-security-tracker-commits mailing list