[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 1 21:33:05 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab4080e6 by Salvatore Bonaccorso at 2023-09-01T22:32:44+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14,29 +14,29 @@ CVE-2023-4720 (Floating Point Comparison with Incorrect Operator in GitHub repos
 	NOTE: https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a
 	NOTE: https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad
 CVE-2023-4714 (A vulnerability was found in PlayTube 3.0.1 and classified as problema ...)
-	TODO: check
+	NOT-FOR-US: PlayTube
 CVE-2023-4713 (A vulnerability has been found in IBOS OA 4.5.5 and classified as crit ...)
-	TODO: check
+	NOT-FOR-US: IBOS OA
 CVE-2023-4712 (A vulnerability, which was classified as critical, was found in Xintia ...)
 	TODO: check
 CVE-2023-4711 (A vulnerability, which was classified as critical, has been found in D ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-4710 (A vulnerability classified as problematic was found in TOTVS RM 12.1.  ...)
-	TODO: check
+	NOT-FOR-US: TOTVS RM
 CVE-2023-4709 (A vulnerability classified as problematic has been found in TOTVS RM 1 ...)
-	TODO: check
+	NOT-FOR-US: TOTVS RM
 CVE-2023-4708 (A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been r ...)
-	TODO: check
+	NOT-FOR-US: Infosoftbd Clcknshop
 CVE-2023-4707 (A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been d ...)
-	TODO: check
+	NOT-FOR-US: Infosoftbd Clcknshop
 CVE-2023-4704 (External Control of System or Configuration Setting in GitHub reposito ...)
-	TODO: check
+	NOT-FOR-US: icms2
 CVE-2023-41633 (Catdoc v0.95 was discovered to contain a NULL pointer dereference via  ...)
 	TODO: check
 CVE-2023-41628 (An issue in O-RAN Software Community E2 G-Release allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2023-41627 (O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the  ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2023-41364 (In tine through 2023.01.14.325, the sort parameter of the /index.php e ...)
 	TODO: check
 CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) there are several component ...)
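Review bot: The tags `NOT-FOR-US: D-Link` (CVE-2023-4711) and `NOT-FOR-US: O-RAN` (CVE-2023-41628, CVE-2023-41627) name only a vendor or project, while the other entries in this hunk name the product (`IBOS OA`, `TOTVS RM`, `Infosoftbd Clcknshop`). A vendor-level tag is harder to match when someone later searches the list for a specific component. The description of CVE-2023-41627 already names `ric-plt-lib-rmr`, so a tag such as `NOT-FOR-US: O-RAN ric-plt-lib-rmr` would record exactly what was triaged. The same applies to naming the affected D-Link product.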
@@ -44,51 +44,51 @@ CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) there are several com
 CVE-2023-41049 (@dcl/single-sign-on-client is an open source npm library which deals w ...)
 	TODO: check
 CVE-2023-41046 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-40980 (File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before  ...)
-	TODO: check
+	NOT-FOR-US: DWSurvey DWSurvey-OSS
 CVE-2023-40970 (Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Senayan Library Management Systems SLIMS 9 Bulian
 CVE-2023-40969 (Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: Senayan Library Management Systems SLIMS 9 Bulian
 CVE-2023-40968 (Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allow ...)
 	TODO: check
 CVE-2023-40771 (SQL injection vulnerability in DataEase v.1.18.9 allows a remote attac ...)
 	TODO: check
 CVE-2023-40239 (Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE at ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2023-3210 (An issue has been discovered in GitLab affecting all versions starting ...)
 	TODO: check
 CVE-2023-39714 (Multiple cross-site scripting (XSS) vulnerabilities in Free and Open S ...)
-	TODO: check
+	NOT-FOR-US: Free and Open Source Inventory Management System
 CVE-2023-39710 (Multiple cross-site scripting (XSS) vulnerabilities in Free and Open S ...)
-	TODO: check
+	NOT-FOR-US: Free and Open Source Inventory Management System
 CVE-2023-39703 (A cross site scripting (XSS) vulnerability in the Markdown Editor comp ...)
-	TODO: check
+	NOT-FOR-US: Typora
 CVE-2023-39685 (An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial ...)
 	TODO: check
 CVE-2023-39631 (An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker t ...)
 	TODO: check
 CVE-2023-39582 (SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allow ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2023-37997 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37994 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37986 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in mini ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37893 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chop-Cho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37830 (A cross-site scripting (XSS) vulnerability in General Solutions Steine ...)
-	TODO: check
+	NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37829 (A cross-site scripting (XSS) vulnerability in General Solutions Steine ...)
-	TODO: check
+	NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37828 (A cross-site scripting (XSS) vulnerability in General Solutions Steine ...)
-	TODO: check
+	NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37827 (A cross-site scripting (XSS) vulnerability in General Solutions Steine ...)
-	TODO: check
+	NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37826 (A cross-site scripting (XSS) vulnerability in General Solutions Steine ...)
-	TODO: check
+	NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-36328 (Integer Overflow vulnerability in mp_grow in libtom libtommath before  ...)
 	TODO: check
 CVE-2023-36327 (Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba424 ...)
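Review bot: The four entries tagged `NOT-FOR-US: WordPress plugin` (CVE-2023-37997, CVE-2023-37994, CVE-2023-37986, CVE-2023-37893) do not say which plugin was triaged, and the truncated descriptions ("Dharmesh ...", "mini ...", "Chop-Cho ...") do not make it recoverable from the list itself. Every other entry changed in this hunk names its product, down to `General Solutions Steiner GmbH CASE 3 Taskmanagement`. Including the plugin name in the tag would keep these decisions searchable and make a later re-check against a package name possible without opening each CVE record.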



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab4080e607a8991ec6ab45c6e874d3b416a28fd9
