[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 23 08:37:54 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6803feda by Salvatore Bonaccorso at 2023-11-23T09:37:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,73 +1,73 @@
 CVE-2023-49146 (DOMSanitizer (aka dom-sanitizer) before 1.0.7 allows XSS via an SVG do ...)
 	TODO: check
 CVE-2023-49102 (NZBGet 21.1 allows authenticated remote code execution because the una ...)
-	TODO: check
+	NOT-FOR-US: NZBGet
 CVE-2023-48107 (Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an  ...)
 	- zlib-ng <itp> (bug #1002056)
 CVE-2023-48105 (An heap overflow vulnerability was discovered in Bytecode alliance was ...)
 	TODO: check
 CVE-2023-47839 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47835 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47834 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47833 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47831 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47829 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47821 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47817 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47816 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47815 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47814 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47812 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47811 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47810 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47809 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47808 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47790 (Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47786 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47773 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47767 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47668 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44290 (Dell Command | Monitor versions prior to 10.10.0, contain an improper  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-44289 (Dell Command | Configure versions prior to 4.11.0, contain an improper ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-43086 (Dell Command | Configure, versions prior to 4.11.0, contains an improp ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-41140 (A maliciously crafted PRT file when parsed through Autodesk AutoCAD 20 ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2023-41139 (A maliciously crafted STP file when parsed through Autodesk AutoCAD 20 ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2023-40002 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
 	TODO: check
 CVE-2023-39253 (Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 c ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-48706 (Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-a ...)
 	- vim <unfixed> (unimportant)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6803feda26aed450001d12e0a47179e3cce3f509

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6803feda26aed450001d12e0a47179e3cce3f509
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231123/041a8834/attachment.htm>

More information about the debian-security-tracker-commits mailing list