[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 17 08:20:08 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a9262888 by Salvatore Bonaccorso at 2023-11-17T09:19:39+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2023-6020 (LFI in Ray's /static/ directory allows attackers to read any file on t ...)
 	TODO: check
 CVE-2023-6014 (An attacker is able to arbitrarily create an account in MLflow bypassi ...)
-	TODO: check
+	NOT-FOR-US: mlflow
 CVE-2023-48659 (An issue was discovered in MISP before 2.4.176. app/Controller/AppCont ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-48658 (An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-48657 (An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-48656 (An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-48655 (An issue was discovered in MISP before 2.4.176. app/Controller/Compone ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2023-48649 (Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on t ...)
-	TODO: check
+	NOT-FOR-US: Concrete CMS
 CVE-2023-48648 (Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized ac ...)
-	TODO: check
+	NOT-FOR-US: Concrete CMS
 CVE-2023-48237 (Vim is an open source command line text editor. In affected versions w ...)
 	- vim <unfixed>
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-f2m2-v387-gv87



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92628885f175cbf5a02ec9d846df580bf994db4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92628885f175cbf5a02ec9d846df580bf994db4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231117/ab4687fb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list