[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 19 21:17:18 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36573323 by Salvatore Bonaccorso at 2024-04-19T22:16:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -233,11 +233,11 @@ CVE-2023-49275 (Wazuh is a free and open source platform used for threat prevent
 CVE-2023-47435 (An issue in the verifyPassword function of hexo-theme-matery v2.0.0 al ...)
 	TODO: check
 CVE-2023-37400 (IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to esca ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-37397 (IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obta ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-37396 (IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obta ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-3948 (A vulnerability was found in SourceCodester Home Clean Service System  ...)
 	NOT-FOR-US: SourceCodester Home Clean Service System
 CVE-2024-32689 (Missing Authorization vulnerability in GenialSouls WP Social Comments. ...)
@@ -76386,7 +76386,7 @@ CVE-2023-27281
 CVE-2023-27280
 	RESERVED
 CVE-2023-27279 (IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a de ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-27278
 	RESERVED
 CVE-2023-27277
@@ -89681,7 +89681,7 @@ CVE-2023-22871
 CVE-2023-22870 (IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext w ...)
 	NOT-FOR-US: IBM
 CVE-2023-22869 (IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive inf ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-22868 (IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vu ...)
 	NOT-FOR-US: IBM
 CVE-2023-22867
@@ -117577,7 +117577,7 @@ CVE-2022-40747 ("IBM InfoSphere Information Server 11.7 is vulnerable to an XML
 CVE-2022-40746 (IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 co ...)
 	NOT-FOR-US: IBM
 CVE-2022-40745 (IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obta ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-40744 (IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting.  ...)
 	NOT-FOR-US: IBM
 CVE-2022-40743 (Improper Input Validation vulnerability for the xdebug plugin in Apach ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36573323c74869c7eb4db74abb4086fed914c152

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36573323c74869c7eb4db74abb4086fed914c152
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240419/3e2f7858/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list