[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 25 15:26:05 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12a8a5cf by Salvatore Bonaccorso at 2023-10-25T16:25:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28,11 +28,11 @@ CVE-2023-46136 (Werkzeug is a comprehensive WSGI web application library. If an
 CVE-2023-46135 (rs-stellar-strkey is a Rust lib for encode/decode of Stellar Strkeys.  ...)
 	TODO: check
 CVE-2023-46126 (Fides is an open-source privacy engineering platform for managing the  ...)
-	TODO: check
+	NOT-FOR-US: Fides
 CVE-2023-46125 (Fides is an open-source privacy engineering platform for managing the  ...)
-	TODO: check
+	NOT-FOR-US: Fides
 CVE-2023-46124 (Fides is an open-source privacy engineering platform for managing the  ...)
-	TODO: check
+	NOT-FOR-US: Fides
 CVE-2023-46123 (jumpserver is an open source bastion machine, professional operation a ...)
 	NOT-FOR-US: JumpServer
 CVE-2023-46120 (The RabbitMQ Java client library allows Java and JVM-based application ...)
@@ -54,19 +54,19 @@ CVE-2023-44767 (A File upload vulnerability in RiteCMS 3.0 allows a local attack
 CVE-2023-43961 (An issue in Dromara SaToken version 1.3.50RC and before when using Spr ...)
 	NOT-FOR-US: Dromara SaToken
 CVE-2023-43795 (GeoServer is an open source software server written in Java that allow ...)
-	TODO: check
+	NOT-FOR-US: GeoServer
 CVE-2023-43360 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a  ...)
 	NOT-FOR-US: CMSmadesimple
 CVE-2023-41721 (Instances of UniFi Network Application that (i) are run on a UniFi Gat ...)
 	NOT-FOR-US: UniFi Network Application
 CVE-2023-41339 (GeoServer is an open source software server written in Java that allow ...)
-	TODO: check
+	NOT-FOR-US: GeoServer
 CVE-2023-3112 (A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for  ...)
 	NOT-FOR-US: Lenovo
 CVE-2023-39930 (A first-factor authentication bypass vulnerability exists in the PingF ...)
 	NOT-FOR-US: PingFederate
 CVE-2023-39740 (The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allo ...)
-	TODO: check
+	NOT-FOR-US: Onigiriya-musubee Line
 CVE-2023-39739 (The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 a ...)
 	NOT-FOR-US: REGINA SWEETS&BAKERY Line
 CVE-2023-39737 (The leakage of the client secret in Matsuya Line 13.6.1 allows attacke ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12a8a5cf31d14518f17f089ee06b8a318ed50021

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12a8a5cf31d14518f17f089ee06b8a318ed50021
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231025/1dd93d97/attachment.htm>

More information about the debian-security-tracker-commits mailing list