[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Nov 30 08:47:54 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e8788693 by Salvatore Bonaccorso at 2023-11-30T09:47:35+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2023-5772 (The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5247 (Malicious Code Execution Vulnerability due to External Control of File ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2023-4474 (The improper neutralization of special elements in the WSGI server of  ...)
 	TODO: check
 CVE-2023-4473 (A command injection vulnerability in the web server of the Zyxel NAS32 ...)
 	TODO: check
 CVE-2023-49701 (Memory Corruption in SIM management while USIMPhase2init)
-	TODO: check
+	NOT-FOR-US: USIMPhase2init
 CVE-2023-49700 (Security best practices violations, a string operation in Streamingmed ...)
 	TODO: check
 CVE-2023-49699 (Memory Corruption in IMS while calling VoLTE Streamingmedia Interface)
 	TODO: check
 CVE-2023-49694 (A low-privileged OS user with access to a Windows host where NETGEAR P ...)
-	TODO: check
+	NOT-FOR-US: NETGEAR
 CVE-2023-49693 (NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol ...)
-	TODO: check
+	NOT-FOR-US: NETGEAR
 CVE-2023-49097 (ZITADEL is an identity infrastructure system. ZITADEL uses the notific ...)
-	TODO: check
+	NOT-FOR-US: ZITADEL
 CVE-2023-49095 (nexkey is a microblogging platform. Insufficient validation of Activit ...)
 	TODO: check
 CVE-2023-49094 (Symbolicator is a symbolication service for native stacktraces and min ...)
@@ -31,9 +31,9 @@ CVE-2023-49081 (aiohttp is an asynchronous HTTP client/server framework for asyn
 CVE-2023-49077 (Mailcow: dockerized is an open source groupware/email suite based on d ...)
 	TODO: check
 CVE-2023-49076 (Customer-data-framework allows management of customer data within Pimc ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2023-49052 (File Upload vulnerability in Microweber v.2.0.4 allows a remote attack ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2023-48952 (An issue in the box_deserialize_reusing function in openlink virtuoso- ...)
 	TODO: check
 CVE-2023-48951 (An issue in the box_equal function in openlink virtuoso-opensource v7. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8788693f027ffba90206730c71e9b4bafe23c21

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8788693f027ffba90206730c71e9b4bafe23c21
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231130/e82312cd/attachment-0001.htm>
