[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
743c0b26 by Salvatore Bonaccorso at 2023-10-23T22:18:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2023-5718 (The Vue.js Devtools extension was found to leak screenshot data back t ...)
-	TODO: check
+	NOT-FOR-US: Vue.js Devtools extension
 CVE-2023-5246 (Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways wi ...)
-	TODO: check
+	NOT-FOR-US: SICK
 CVE-2023-46603 (In International Color Consortium DemoIccMAX 79ecb74, there is an out- ...)
-	TODO: check
+	NOT-FOR-US: International Color Consortium DemoIccMAX
 CVE-2023-46602 (In International Color Consortium DemoIccMAX 79ecb74, there is a stack ...)
-	TODO: check
+	NOT-FOR-US: International Color Consortium DemoIccMAX
 CVE-2023-46332 (WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataS ...)
 	- wabt <unfixed>
 	NOTE: https://github.com/WebAssembly/wabt/issues/2311
@@ -13,19 +13,19 @@ CVE-2023-46331 (WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in Da
 	- wabt <unfixed>
 	NOTE: https://github.com/WebAssembly/wabt/issues/2310
 CVE-2023-46127 (Frappe is a full-stack web application framework that uses Python and  ...)
-	TODO: check
+	NOT-FOR-US: Frappe Framework
 CVE-2023-46122 (sbt is a build tool for Scala, Java, and others. Given a specially cra ...)
 	TODO: check
 CVE-2023-43074 (Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-43067 (Dell Unity prior to 5.3 contains an XML External Entity injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-43066 (Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-43065 (Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-43045 (IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-42295 (An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to ex ...)
 	TODO: check
 CVE-2023-38722 (IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/743c0b26785c8310db41b3393c74c3c5ce32508e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/743c0b26785c8310db41b3393c74c3c5ce32508e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231023/dcce167e/attachment.htm>