[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 4 21:26:29 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1112b33e by Salvatore Bonaccorso at 2023-10-04T22:26:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
 CVE-2023-5402 (ACWE-269: Improper Privilege Management vulnerability existsthat could ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2023-5399 (ACWE-22: Improper Limitation of a Pathname to a Restricted Directory ( ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2023-5391 (ACWE-502:Deserialization of untrusted datavulnerability existsthat cou ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2023-5377 (Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.)
 	TODO: check
 CVE-2023-5375 (Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2.)
-	TODO: check
+	NOT-FOR-US: mosparo
 CVE-2023-5374 (A vulnerability classified as critical was found in SourceCodester Onl ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Computer and Laptop Store
 CVE-2023-5373 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Computer and Laptop Store
 CVE-2023-5371 (RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3. ...)
 	TODO: check
 CVE-2023-5113 (Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are po ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2023-4997 (Improper authorisation of regular users in ProIntegra Uptime DC softwa ...)
-	TODO: check
+	NOT-FOR-US: ProIntegra Uptime DC software
 CVE-2023-4497 (Easy Chat Server, in its 3.1 version and before, does not sufficiently ...)
-	TODO: check
+	NOT-FOR-US: Easy Chat Server
 CVE-2023-4496 (Easy Chat Server, in its 3.1 version and before, does not sufficiently ...)
-	TODO: check
+	NOT-FOR-US: Easy Chat Server
 CVE-2023-4495 (Easy Chat Server, in its 3.1 version and before, does not sufficiently ...)
-	TODO: check
+	NOT-FOR-US: Easy Chat Server
 CVE-2023-4494 (Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 vers ...)
-	TODO: check
+	NOT-FOR-US: Easy Chat Server
 CVE-2023-4493 (Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 versio ...)
-	TODO: check
+	NOT-FOR-US: Easy Address Book Web Server
 CVE-2023-4492 (Vulnerability in Easy Address Book Web Server 1.6 version, affecting t ...)
-	TODO: check
+	NOT-FOR-US: Easy Address Book Web Server
 CVE-2023-4491 (Buffer overflow vulnerability in Easy Address Book Web Server 1.6 vers ...)
-	TODO: check
+	NOT-FOR-US: Easy Address Book Web Server
 CVE-2023-4090 (Cross-site Scripting (XSS) reflected vulnerability on WideStand until  ...)
 	TODO: check
 CVE-2023-4037 (Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interfac ...)
@@ -39,17 +39,17 @@ CVE-2023-4037 (Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web int
 CVE-2023-44210 (Sensitive information disclosure and manipulation due to missing autho ...)
 	TODO: check
 CVE-2023-44209 (Local privilege escalation due to improper soft link handling. The fol ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-44208 (Sensitive information disclosure and manipulation due to missing autho ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-44075 (Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a  ...)
-	TODO: check
+	NOT-FOR-US: Small CRM in PHP
 CVE-2023-43838 (An arbitrary file upload vulnerability in Personal Management System v ...)
-	TODO: check
+	NOT-FOR-US: Personal Management System
 CVE-2023-43804 (urllib3 is a user-friendly HTTP client library for Python. urllib3 doe ...)
 	TODO: check
 CVE-2023-43261 (An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 b ...)
-	TODO: check
+	NOT-FOR-US: Milesight
 CVE-2023-42824 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	TODO: check
 CVE-2023-42809 (Redisson is a Java Redis client that uses the Netty framework. Prior t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1112b33e02614fd161cd8c7e7118071e4034d1f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1112b33e02614fd161cd8c7e7118071e4034d1f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231004/5c46d0b5/attachment.htm>

More information about the debian-security-tracker-commits mailing list