[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Sep 8 21:23:46 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
71a110bf by Salvatore Bonaccorso at 2023-09-08T22:23:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2023-4843 (Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection  ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2023-4782 (Terraform version 1.0.8 through 1.5.6 allows arbitrary file write duri ...)
 	TODO: check
 CVE-2023-4777 (An incorrect permission check in Qualys Container Scanning Connector P ...)
-	TODO: check
+	NOT-FOR-US: Qualys Container Scanning Connector Plugin
 CVE-2023-42268 (Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vuln ...)
-	TODO: check
+	NOT-FOR-US: JeecgBoot
 CVE-2023-41578 (Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file re ...)
-	TODO: check
+	NOT-FOR-US: JeecgBoot
 CVE-2023-41575 (Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/s ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank & Donor Management
 CVE-2023-41338 (Fiber is an Express inspired web framework built in the go language. V ...)
-	TODO: check
+	NOT-FOR-US: Fiber
 CVE-2023-41318 (matrix-media-repo is a highly customizable multi-domain media reposito ...)
 	TODO: check
 CVE-2023-40924 (SolarView Compact < 6.00 is vulnerable to Directory Traversal.)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2023-39712 (Multiple cross-site scripting (XSS) vulnerabilities in Free and Open S ...)
-	TODO: check
+	NOT-FOR-US: Free and Open Source Inventory Management System
 CVE-2023-39676 (SimpleImportProduct Prestashop Module v1.0.0 was discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: SimpleImportProduct Prestashop Module
 CVE-2023-39584 (Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file re ...)
 	TODO: check
 CVE-2023-39076 (Injecting random data into the USB memory area on a General Motors (GM ...)
-	TODO: check
+	NOT-FOR-US: General Motors (GM) Chevrolet Equinox
 CVE-2023-38736 (IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-32332 (IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-4807 (Issue summary: The POLY1305 MAC (message authentication code) implemen ...)
 	- openssl <not-affected> (Windows-specific)
 	NOTE: https://www.openssl.org/news/secadv/20230908.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71a110bf3a282a4f20e90442f230a20b5c747fe5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71a110bf3a282a4f20e90442f230a20b5c747fe5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230908/f0cbdd0e/attachment-0001.htm>
