[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Nov 13 12:02:58 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3eda7a17 by Moritz Muehlenhoff at 2023-11-13T13:02:12+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2023-5747 (Bashis, a Security Researcher at IPVM has found a flaw that allows for ...)
-	TODO: check
+	NOT-FOR-US: Hanwha Vision PNV-A6081R
 CVE-2023-5741 (The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scrip ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-5037
@@ -101,7 +101,7 @@ CVE-2023-47164 (Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earli
 	[bookworm] - hoteldruid <no-dsa> (Minor issue)
 	[bullseye] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-47129 (Statmic is a core Laravel content management system Composer package.  ...)
-	TODO: check
+	NOT-FOR-US: Statmic
 CVE-2023-47128 (Piccolo is an object-relational mapping and query builder which suppor ...)
 	NOT-FOR-US: Piccolo ORM (not the same as src:piccolo)
 CVE-2023-47121 (Discourse is an open source platform for community discussion. Prior t ...)
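Review bot: `NOT-FOR-US: Statmic` for CVE-2023-47129 repeats the misspelling from the CVE description; the Laravel CMS is named Statamic, so a later search of data/CVE/list for the correct name would miss this entry. Suggest `NOT-FOR-US: Statamic`.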
@@ -174,7 +174,7 @@ CVE-2023-47800 (Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a defaul
 CVE-2023-47246 (In SysAid On-Premise before 23.3.36, a path traversal vulnerability le ...)
 	NOT-FOR-US: SysAid
 CVE-2023-46729 (sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized  ...)
-	TODO: check
+	NOT-FOR-US: sentry-javascript
 CVE-2023-45167 (IBM AIX's 7.3 Python implementation could allow a non-privileged local ...)
 	NOT-FOR-US: IBM
 CVE-2023-39796 (SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 ...)
@@ -233,9 +233,9 @@ CVE-2023-6039 (A use-after-free flaw was found in lan78xx_disconnect in drivers/
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/1e7417c188d0a83fb385ba2dbe35fd2563f2b6f3 (6.5-rc5)
 CVE-2023-4612 (Improper Authentication vulnerability in Apereo CAS injakarta.servlet. ...)
-	TODO: check
+	NOT-FOR-US: Apereo CAS
 CVE-2023-4218 (In Eclipse IDE versions < 2023-09 (4.29) some files with xml content a ...)
-	TODO: check
+	- eclipse <removed>
 CVE-2023-47616 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor  ...)
 	NOT-FOR-US: Telit Cinterion
 CVE-2023-47615 (A CWE-526: Exposure of Sensitive Information Through Environmental Var ...)
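Review bot: the `- eclipse <removed>` line added for CVE-2023-4218 is a package-status entry rather than a NOT-FOR-US tag, so the commit subject "NFUs" does not cover it; name it in the subject or commit it separately so the triage decision can be found in the log. Unlike the linux entry above it, it carries no per-suite lines or NOTE, so it is worth confirming that no supported suite still ships eclipse.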
@@ -981,7 +981,7 @@ CVE-2023-46084 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2023-45830 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-45827 (Dot diver is a lightweight, powerful, and dependency-free TypeScript u ...)
-	TODO: check
+	NOT-FOR-US: Dot diver
 CVE-2023-45657 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-45163 (The 1E-Exchange-CommandLinePing instruction that is part of the Networ ...)
@@ -47325,7 +47325,7 @@ CVE-2023-0438 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/mo
 CVE-2023-0437
 	RESERVED
 CVE-2023-0436 (The affected versions of MongoDB Atlas Kubernetes Operator may print s ...)
-	TODO: check
+	NOT-FOR-US: MongoDB Atlas Kubernetes Operator
 CVE-2022-48282 (Under very specific circumstances (see Required configuration section  ...)
 	NOT-FOR-US: MongoDB .NET/C# Driver
 CVE-2023-24371



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eda7a1723994d10f6dfa552ff9a5b0943b5689e
