[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Nov 22 08:37:31 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af3cfad9 by Salvatore Bonaccorso at 2023-11-22T09:37:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45,25 +45,25 @@ CVE-2023-48228 (authentik is an open-source identity provider. When initialising
 CVE-2023-48161 (Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows  ...)
 	TODO: check
 CVE-2023-47393 (An access control issue in Mercedes me IOS APP v1.34.0 and below allow ...)
-	TODO: check
+	NOT-FOR-US: Mercedes me IOS APP
 CVE-2023-47392 (An access control issue in Mercedes me IOS APP v1.34.0 and below allow ...)
-	TODO: check
+	NOT-FOR-US: Mercedes me IOS APP
 CVE-2023-47016 (radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in l ...)
 	TODO: check
 CVE-2023-46814 (A binary hijacking vulnerability exists within the VideoLAN VLC media  ...)
 	TODO: check
 CVE-2023-41146 (Autodesk Customer Support Portal allows cases created by users under a ...)
-	TODO: check
+	NOT-FOR-US: Autodesk Customer Support Portal
 CVE-2023-41145 (Autodesk users who no longer have an active license for an account can ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2023-40152 (When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted  ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric Tellus Lite V-Simulator
 CVE-2023-35127 (Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric Tellus Lite V-Simulator
 CVE-2023-2447 (The UserPro plugin for WordPress is vulnerable to Cross-Site Request F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2446 (The UserPro plugin for WordPress is vulnerable to sensitive informatio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6238 (A buffer overflow vulnerability was found in the NVM Express (NVMe) dr ...)
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -34240,7 +34240,7 @@ CVE-2023-29071
 CVE-2023-29070
 	RESERVED
 CVE-2023-29069 (A maliciously crafted DLL file can be forced to install onto a non-def ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2023-29068 (A maliciously crafted file consumed through pskernel.dll file could le ...)
 	NOT-FOR-US: Autodesk
 CVE-2023-29067 (A maliciously crafted X_B file when parsed through Autodesk\xae AutoCA ...)
@@ -95356,7 +95356,7 @@ CVE-2022-35640
 CVE-2022-35639 (IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do no ...)
 	NOT-FOR-US: IBM
 CVE-2022-35638 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-35637 (IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is ...)
 	NOT-FOR-US: IBM
 CVE-2022-35636



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af3cfad915e0f3cb97830aeed7d11270d4e464b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af3cfad915e0f3cb97830aeed7d11270d4e464b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231122/4e6ff216/attachment.htm>
