[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 29 20:05:11 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ebbcd9a5 by Salvatore Bonaccorso at 2023-10-29T21:04:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2023-5840 (Weak Password Recovery Mechanism for Forgotten Password in GitHub repo ...)
-	TODO: check
+	NOT-FOR-US: LinkStack
 CVE-2023-5839 (Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8 ...)
 	NOT-FOR-US: Hestia Control Panel
 CVE-2023-5838 (Insufficient Session Expiration in GitHub repository linkstackorg/link ...)
-	TODO: check
+	NOT-FOR-US: LinkStack
 CVE-2023-5837 (A vulnerability classified as problematic was found in AlexanderLivano ...)
 	NOT-FOR-US: AlexanderLivanov FotosCMS2
 CVE-2023-5836 (A vulnerability was found in SourceCodester Task Reminder System 1.0.  ...)
@@ -169595,15 +169595,15 @@ CVE-2021-33640 (After tar_close(), libtar.c releases the memory pointed to by po
 CVE-2021-33639 (REMAP cmd of SVM driver can be used to remap read only memory as read- ...)
 	NOT-FOR-US: OpenEuler
 CVE-2021-33638 (When the isula cp command is used to copy files from a container to a  ...)
-	TODO: check
+	NOT-FOR-US: OpenEuler iSulad
 CVE-2021-33637 (When the isula export command is used to export a container to an imag ...)
-	TODO: check
+	NOT-FOR-US: OpenEuler iSulad
 CVE-2021-33636 (When the isula load command is used to load malicious images, attacker ...)
-	TODO: check
+	NOT-FOR-US: OpenEuler iSulad
 CVE-2021-33635 (When malicious images are pulled by isula pull, attackers can execute  ...)
-	TODO: check
+	NOT-FOR-US: OpenEuler iSulad
 CVE-2021-33634 (iSulad uses the lcr+lxc runtime (default) to run malicious images, whi ...)
-	TODO: check
+	NOT-FOR-US: OpenEuler lcr
 CVE-2021-33633
 	RESERVED
 CVE-2021-33632



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebbcd9a57e9f75d72ab1b84525c57bf787b7c803

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebbcd9a57e9f75d72ab1b84525c57bf787b7c803
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231029/a4e354e0/attachment.htm>


More information about the debian-security-tracker-commits mailing list