[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 12 21:34:35 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a2b4816 by Salvatore Bonaccorso at 2023-09-12T22:34:08+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,53 +3,53 @@ CVE-2023-4921 (A use-after-free vulnerability in the Linux kernel's net/sched: s
 	NOTE: https://kernel.dance/#8fc134fee27f2263988ae38920bc03da416b03d8
 	NOTE: https://git.kernel.org/linus/8fc134fee27f2263988ae38920bc03da416b03d8 (6.6-rc1)
 CVE-2023-4918 (A flaw was found in the Keycloak package, more specifically org.keyclo ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2023-4914 (Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7 ...)
-	TODO: check
+	NOT-FOR-US: cecil.app
 CVE-2023-4913 (Cross-site Scripting (XSS) - Reflected in GitHub repository cecilapp/c ...)
-	TODO: check
+	NOT-FOR-US: cecil.app
 CVE-2023-4759 (Arbitrary File Overwrite in Eclipse JGit <= 6.6.0  In Eclipse JGit, al ...)
 	TODO: check
 CVE-2023-4501 (User authentication with username and password credentials is ineffect ...)
-	TODO: check
+	NOT-FOR-US: Micro Focus
 CVE-2023-41885 (Piccolo is an ORM and query builder which supports asyncio. In version ...)
 	TODO: check
 CVE-2023-41846 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-41764 (Microsoft Office Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-41331 (SOFARPC is a Java RPC framework. Versions prior to 5.11.0 are vulnerab ...)
 	TODO: check
 CVE-2023-41036 (Macvim is a text editor for MacOS. Prior to version 178, Macvim makes  ...)
-	TODO: check
+	NOT-FOR-US: Macvim
 CVE-2023-41033 (A vulnerability has been identified in Parasolid V35.0 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-41032 (A vulnerability has been identified in Parasolid V34.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-41013 (Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allow ...)
-	TODO: check
+	NOT-FOR-US: IceWarp
 CVE-2023-40834 (OpenCart v4.0.2.2 is vulnerable to Brute Force Attack.)
-	TODO: check
+	NOT-FOR-US: OpenCart
 CVE-2023-40784 (DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/modul ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2023-40732 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40731 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40730 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40729 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40728 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40727 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40726 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40725 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40724 (A vulnerability has been identified in QMS Automotive (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2023-40712 (Apache Airflow, versions before 2.7.1, is affected by a vulnerability  ...)
 	TODO: check
 CVE-2023-40611 (Apache Airflow, versions before 2.7.1, is affected by a vulnerability  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a2b48160938b4f1151bdc0b2fc49037b654c93f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a2b48160938b4f1151bdc0b2fc49037b654c93f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230912/3c897b8b/attachment.htm>


More information about the debian-security-tracker-commits mailing list