[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 9 20:22:53 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72f241de by Salvatore Bonaccorso at 2023-11-09T21:22:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2023-6054 (A vulnerability, which was classified as critical, was found in Tongda ...)
-	TODO: check
+	NOT-FOR-US: Tongda OA
 CVE-2023-6053 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Tongda OA
 CVE-2023-6052 (A vulnerability classified as critical has been found in Tongda OA 201 ...)
-	TODO: check
+	NOT-FOR-US: Tongda OA
 CVE-2023-6039 (A use-after-free flaw was found in lan78xx_disconnect in drivers/net/u ...)
 	TODO: check
 CVE-2023-4612 (Improper Authentication vulnerability in Apereo CAS injakarta.servlet. ...)
@@ -11,45 +11,45 @@ CVE-2023-4612 (Improper Authentication vulnerability in Apereo CAS injakarta.ser
 CVE-2023-4218 (In Eclipse IDE versions < 2023-09 (4.29) some files with xml content a ...)
 	TODO: check
 CVE-2023-47616 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor  ...)
-	TODO: check
+	NOT-FOR-US: Telit Cinterion
 CVE-2023-47615 (A CWE-526: Exposure of Sensitive Information Through Environmental Var ...)
-	TODO: check
+	NOT-FOR-US: Telit Cinterion
 CVE-2023-47612 (A CWE-552: Files or Directories Accessible to External Parties vulnera ...)
-	TODO: check
+	NOT-FOR-US: Telit Cinterion
 CVE-2023-47610 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...)
-	TODO: check
+	NOT-FOR-US: Telit Cinterion
 CVE-2023-47373 (The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allow ...)
-	TODO: check
+	NOT-FOR-US: DRAGON FAMILY Line
 CVE-2023-47372 (The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6. ...)
-	TODO: check
+	NOT-FOR-US: UPDATESALON C-LOUNGE Line
 CVE-2023-47370 (The leakage of channel access token in bluetrick Line 13.6.1 allows re ...)
-	TODO: check
+	NOT-FOR-US: bluetrick Line
 CVE-2023-47369 (The leakage of channel access token in best_training_member Line 13.6. ...)
-	TODO: check
+	NOT-FOR-US: best_training_member Line
 CVE-2023-47368 (The leakage of channel access token in taketorinoyu Line 13.6.1 allows ...)
-	TODO: check
+	NOT-FOR-US: taketorinoyu Line
 CVE-2023-47367 (The leakage of channel access token in platinum clinic Line 13.6.1 all ...)
-	TODO: check
+	NOT-FOR-US: platinum clinic Line
 CVE-2023-47366 (The leakage of channel access token in craft_members Line 13.6.1 allow ...)
-	TODO: check
+	NOT-FOR-US: craft_members Line
 CVE-2023-47365 (The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 ...)
-	TODO: check
+	NOT-FOR-US: Lil.OFF-PRICE STORE Line
 CVE-2023-47364 (The leakage of channel access token in nagaoka taxi Line 13.6.1 allows ...)
-	TODO: check
+	NOT-FOR-US: nagaoka taxi Line
 CVE-2023-47363 (The leakage of channel access token in F.B.P members Line 13.6.1 allow ...)
-	TODO: check
+	NOT-FOR-US: F.B.P members Line
 CVE-2023-47238 (Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 \ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47237 (Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson Auto  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47110 (blockreassurance adds an information block aimed at offering helpful i ...)
-	TODO: check
+	NOT-FOR-US: blockreassurance
 CVE-2023-46894 (An issue discovered in esptool 4.6.2 allows attackers to view sensitiv ...)
 	TODO: check
 CVE-2023-46743 (application-collabora is an integration of Collabora Online in XWiki.  ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-46614 (Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Hel ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-45885 (Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct ...)
 	TODO: check
 CVE-2023-45884 (Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72f241de34647f6284e513f506f9e769a4ef4d3c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72f241de34647f6284e513f506f9e769a4ef4d3c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231109/46a01df9/attachment.htm>

More information about the debian-security-tracker-commits mailing list