[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Sep 14 09:21:03 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b4d93ded by Salvatore Bonaccorso at 2023-09-14T10:20:05+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,31 +7,31 @@ CVE-2023-4944 (The Awesome Weather Widget for WordPress plugin for WordPress is
 CVE-2023-4841 (The Feeds for YouTube for WordPress plugin for WordPress is vulnerable ...)
 	NOT-FOR-US: Feeds for YouTube for WordPress plugin for WordPress
 CVE-2023-4814 (A Privilege escalation vulnerability exists in Trellix Windows DLP end ...)
-	TODO: check
+	NOT-FOR-US: Trellix
 CVE-2023-4568 (PaperCut NG allows for unauthenticated XMLRPC commands to be run by de ...)
-	TODO: check
+	NOT-FOR-US: PaperCut
 CVE-2023-42503 (Improper Input Validation, Uncontrolled Resource Consumption vulnerabi ...)
 	TODO: check
 CVE-2023-41267 (In the Apache Airflow HDFS Provider, versions prior to 4.1.1, a docume ...)
-	TODO: check
+	NOT-FOR-US: Apache Airflow HDFS Provider
 CVE-2023-41162 (A Reflected Cross-site scripting (XSS) vulnerability in the file manag ...)
-	TODO: check
+	NOT-FOR-US: Usermin
 CVE-2023-41158 (A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type pro ...)
-	TODO: check
+	NOT-FOR-US: Usermin
 CVE-2023-41155 (A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwardi ...)
 	- webmin <removed>
 CVE-2023-41154 (A Stored Cross-Site Scripting (XSS) vulnerability in the scheduled cro ...)
-	TODO: check
+	NOT-FOR-US: Usermin
 CVE-2023-41152 (A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type pro ...)
-	TODO: check
+	NOT-FOR-US: Usermin
 CVE-2023-40617 (A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeM ...)
-	TODO: check
+	NOT-FOR-US: OpenKnowledgeMaps Head Start
 CVE-2023-38206 (Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier)  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-38205 (Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier)  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-38204 (Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier)  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-4910
 	NOT-FOR-US: 3scale-admin-portal
 CVE-2023-38039 [HTTP headers eat all memory]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4d93ded2f133e505873a6a6e20264e488590ed0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4d93ded2f133e505873a6a6e20264e488590ed0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230914/30f37a47/attachment-0001.htm>
