[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
af3cfad9 by Salvatore Bonaccorso at 2023-11-22T09:37:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45,25 +45,25 @@ CVE-2023-48228 (authentik is an open-source identity 
provider. When initialising
 CVE-2023-48161 (Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 
allows  ...)
        TODO: check
 CVE-2023-47393 (An access control issue in Mercedes me IOS APP v1.34.0 and 
below allow ...)
-       TODO: check
+       NOT-FOR-US: Mercedes me IOS APP
 CVE-2023-47392 (An access control issue in Mercedes me IOS APP v1.34.0 and 
below allow ...)
-       TODO: check
+       NOT-FOR-US: Mercedes me IOS APP
 CVE-2023-47016 (radare2 5.8.9 has an out-of-bounds read in 
r_bin_object_set_items in l ...)
        TODO: check
 CVE-2023-46814 (A binary hijacking vulnerability exists within the VideoLAN 
VLC media  ...)
        TODO: check
 CVE-2023-41146 (Autodesk Customer Support Portal allows cases created by users 
under a ...)
-       TODO: check
+       NOT-FOR-US: Autodesk Customer Support Portal
 CVE-2023-41145 (Autodesk users who no longer have an active license for an 
account can ...)
-       TODO: check
+       NOT-FOR-US: Autodesk
 CVE-2023-40152 (When Fuji Electric Tellus Lite V-Simulator parses a 
specially-crafted  ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric Tellus Lite V-Simulator
 CVE-2023-35127 (Stack-based buffer overflow may occur when Fuji Electric 
Tellus Lite V ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric Tellus Lite V-Simulator
 CVE-2023-2447 (The UserPro plugin for WordPress is vulnerable to Cross-Site 
Request F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2446 (The UserPro plugin for WordPress is vulnerable to sensitive 
informatio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6238 (A buffer overflow vulnerability was found in the NVM Express 
(NVMe) dr ...)
        - linux <unfixed>
        [bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -34240,7 +34240,7 @@ CVE-2023-29071
 CVE-2023-29070
        RESERVED
 CVE-2023-29069 (A maliciously crafted DLL file can be forced to install onto a 
non-def ...)
-       TODO: check
+       NOT-FOR-US: Autodesk
 CVE-2023-29068 (A maliciously crafted file consumed through pskernel.dll file 
could le ...)
        NOT-FOR-US: Autodesk
 CVE-2023-29067 (A maliciously crafted X_B file when parsed through 
Autodesk\xae AutoCA ...)
@@ -95356,7 +95356,7 @@ CVE-2022-35640
 CVE-2022-35639 (IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 
22.2 do no ...)
        NOT-FOR-US: IBM
 CVE-2022-35638 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 
6.0.3.8 a ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-35637 (IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 
11.5 is ...)
        NOT-FOR-US: IBM
 CVE-2022-35636



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af3cfad915e0f3cb97830aeed7d11270d4e464b3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af3cfad915e0f3cb97830aeed7d11270d4e464b3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits