[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Nov 14 08:40:30 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3b914baf by Salvatore Bonaccorso at 2023-11-14T09:40:15+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -111,19 +111,19 @@ CVE-2023-42814 (Kyverno is a policy engine designed for Kubernetes. A security v
 CVE-2023-42813 (Kyverno is a policy engine designed for Kubernetes. A security vulnera ...)
 	TODO: check
 CVE-2023-42480 (The unauthenticated attacker in NetWeaver AS Java Logon application -  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-42327 (Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 al ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2023-42326 (An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execut ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2023-42325 (Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 al ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2023-41366 (Under certain condition SAP NetWeaver Application Server ABAP - versio ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-31754 (Optimizely CMS UI before v12.16.0 was discovered to contain a cross-si ...)
-	TODO: check
+	NOT-FOR-US: Optimizely CMS UI
 CVE-2023-31403 (SAP Business One installation - version 10.0, does not perform proper  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-6104
 	REJECTED
 CVE-2023-6103 (A vulnerability has been found in Intelbras RX 1500 1.1.9 and classifi ...)
@@ -160,11 +160,11 @@ CVE-2023-46092 (Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.C
 CVE-2023-40335 (Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cl ...)
 	NOT-FOR-US: Jeremy O'Connell Cleverwise Daily Quotes
 CVE-2023-39166 (Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Compo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35877 (Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32123 (Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 al ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-XXXX [tor TROVE-2023-006]
 	- tor 0.4.8.9-1
 	[bookworm] - tor <not-affected> (Vulnerable code introduced with 0.4.8.1-alpha)
@@ -26171,7 +26171,7 @@ CVE-2023-31232 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-31231
 	RESERVED
 CVE-2023-31230 (Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tong ...)
-	TODO: check
+	NOT-FOR-US: Haoqisir Baidu Tongji generator
 CVE-2023-31229
 	RESERVED
 CVE-2023-31228 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b914bafebf830c5fdefe4428c9bcecae2657de3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b914bafebf830c5fdefe4428c9bcecae2657de3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231114/9c6d78d4/attachment.htm>
