[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 15 20:23:21 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dc248231 by Salvatore Bonaccorso at 2023-11-15T21:22:58+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2023-6079
 	REJECTED
 CVE-2023-5720 (A flaw was found in Quarkus, where it does not properly sanitize artif ...)
-	TODO: check
+	NOT-FOR-US: Quarkus
 CVE-2023-5676 (In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an ...)
-	TODO: check
+	NOT-FOR-US: Eclipse OpenJ9
 CVE-2023-5245 (FileUtil.extract() enumerates all zip file entries and extracts each f ...)
 	TODO: check
 CVE-2023-4602 (The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48219 (TinyMCE is an open source rich text editor. A mutation cross-site scri ...)
 	- tinymce <removed>
 CVE-2023-48089 (xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via / ...)
-	TODO: check
+	NOT-FOR-US: XXL-Job
 CVE-2023-48088 (xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via /x ...)
-	TODO: check
+	NOT-FOR-US: XXL-Job
 CVE-2023-48087 (xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job ...)
-	TODO: check
+	NOT-FOR-US: XXL-Job
 CVE-2023-48014 (GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a sta ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/2613
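Review bot: The tag on CVE-2023-4602 reads only "NOT-FOR-US: WordPress plugin", while every other entry changed in this hunk names the product itself (Quarkus, Eclipse OpenJ9, XXL-Job). The description gives the plugin name (Namaste! LMS), so including it in the tag would keep the entry searchable by product in the same way as the others. Separately, CVE-2023-5245 sits between processed entries and is still "TODO: check". If that is deliberate because it needs a closer look, nothing to change, but it is easy to miss in a batch pass like this one.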
@@ -29,11 +29,11 @@ CVE-2023-48011 (GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain
 	NOTE: https://github.com/gpac/gpac/issues/2611
 	NOTE: https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea
 CVE-2023-47637 (Pimcore is an Open Source Data & Experience Management Platform. In af ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2023-47636 (The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Fu ...)
-	TODO: check
+	NOT-FOR-US: Pimcore Admin Classic Bundle
 CVE-2023-41699 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in P ...)
-	TODO: check
+	NOT-FOR-US: Payara
 CVE-2023-34982 (This external control vulnerability, if exploited, could allow a local ...)
 	TODO: check
 CVE-2023-34062 (In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versi ...)
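Review bot: The two Pimcore entries carry different labels, "Pimcore" on CVE-2023-47637 and "Pimcore Admin Classic Bundle" on CVE-2023-47636, so a search on one label will not return the other. If the bundle is meant to be tracked as its own product the split is fine, otherwise aligning both on one label would keep later lookups consistent. For CVE-2023-41699 the description is truncated at "vulnerability in P ...", so the "Payara" label cannot be confirmed from the visible text and is worth a quick check against the full CVE description.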



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2482316f2ad24a749fe41ddba5040338d816ec
