[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 26 21:32:09 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e446aa82 by Salvatore Bonaccorso at 2023-09-26T22:31:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68,7 +68,7 @@ CVE-2023-39347 (Cilium is a networking, observability, and security solution wit
 CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation vulnerabi ...)
 	NOT-FOR-US: VMware
 CVE-2023-32541 (A use-after-free vulnerability exists in the footerr functionality of  ...)
-	TODO: check
+	NOT-FOR-US: Hancom Office 2020 HWord
 CVE-2023-5176
 	- firefox <unfixed>
 	- firefox-esr <unfixed>
@@ -282,23 +282,23 @@ CVE-2023-3226 (The Popup Builder WordPress plugin through 4.1.15 does not saniti
 CVE-2023-39640 (UpLight cookiebanner before 1.5.1 was discovered to contain a SQL inje ...)
 	NOT-FOR-US: UpLight cookiebanner
 CVE-2023-39453 (A use-after-free vulnerability exists in the tif_parse_sub_IFD functio ...)
-	TODO: check
+	NOT-FOR-US: Accusoft ImageGear
 CVE-2023-39409 (DoS vulnerability in the PMS module. Successful exploitation of this v ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-39408 (DoS vulnerability in the PMS module. Successful exploitation of this v ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-39407 (The Watchkit has a risk of unauthorized file access.Successful exploit ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-35002 (A heap-based buffer overflow vulnerability exists in the pictwread fun ...)
-	TODO: check
+	NOT-FOR-US: Accusoft ImageGear
 CVE-2023-32653 (An out-of-bounds write vulnerability exists in the dcm_pixel_data_deco ...)
-	TODO: check
+	NOT-FOR-US: Accusoft ImageGear
 CVE-2023-32614 (A heap-based buffer overflow vulnerability exists in the create_png_ob ...)
-	TODO: check
+	NOT-FOR-US: Accusoft ImageGear
 CVE-2023-32284 (An out-of-bounds write vulnerability exists in the tiff_planar_adobe f ...)
-	TODO: check
+	NOT-FOR-US: Accusoft ImageGear
 CVE-2022-48605 (Input verification vulnerability in the fingerprint module. Successful ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-42755 [wild pointer access in rsvp classifer in the Linux kernel]
 	- linux 6.3.7-1
 	NOTE: https://lore.kernel.org/all/CADW8OBtkAf+nGokhD9zCFcmiebL1SM8bJp_oo=pE02BknG9qnQ@mail.gmail.com/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e446aa82340530f26a24916bb294ef4545694a4d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e446aa82340530f26a24916bb294ef4545694a4d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230926/15a491f7/attachment.htm>

More information about the debian-security-tracker-commits mailing list