[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 26 Apr 2023 13:38:48 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f3da1a22 by Salvatore Bonaccorso at 2023-04-26T22:38:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -212,7 +212,7 @@ CVE-2023-2275
 CVE-2023-2274
        RESERVED
 CVE-2023-2273 (Rapid7 Insight Agent token handler versions 3.2.6 and below, 
suffer fr ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2023-2272
        RESERVED
 CVE-2023-2271
@@ -2253,7 +2253,7 @@ CVE-2023-30548 (gatsby-plugin-sharp is a plugin for the 
gatsby framework which e
 CVE-2023-30547 (vm2 is a sandbox that can run untrusted code with whitelisted 
Node's b ...)
        NOT-FOR-US: Node vm2
 CVE-2023-30546 (Contiki-NG is an operating system for Internet of Things 
devices. An o ...)
-       TODO: check
+       NOT-FOR-US: Contiki-NG
 CVE-2023-30545 (PrestaShop is an Open Source e-commerce web application. Prior 
to vers ...)
        NOT-FOR-US: PrestaShop
 CVE-2023-30544 (Kiwi TCMS is an open source test management system. In 
versions of Kiw ...)
@@ -2971,15 +2971,15 @@ CVE-2023-30271
 CVE-2023-30270
        RESERVED
 CVE-2023-30269 (CLTPHP &lt;=6.0 is vulnerable to Improper Input Validation via 
applica ...)
-       TODO: check
+       NOT-FOR-US: CLTPHP
 CVE-2023-30268
        RESERVED
 CVE-2023-30267 (CLTPHP &lt;=6.0 is vulnerable to Cross Site Scripting (XSS) 
via applic ...)
-       TODO: check
+       NOT-FOR-US: CLTPHP
 CVE-2023-30266 (CLTPHP &lt;=6.0 is vulnerable to Unrestricted Upload of File 
with Dang ...)
-       TODO: check
+       NOT-FOR-US: CLTPHP
 CVE-2023-30265 (CLTPHP &lt;=6.0 is vulnerable to Directory Traversal. ...)
-       TODO: check
+       NOT-FOR-US: CLTPHP
 CVE-2023-30264
        RESERVED
 CVE-2023-30263
@@ -3085,11 +3085,11 @@ CVE-2023-30214
 CVE-2023-30213
        RESERVED
 CVE-2023-30212 (OURPHP &lt;= 7.2.0 is vulnerale to Cross Site Scripting (XSS) 
via /cli ...)
-       TODO: check
+       NOT-FOR-US: OURPHP
 CVE-2023-30211 (OURPHP &lt;= 7.2.0 is vulnerable to SQL Injection. ...)
-       TODO: check
+       NOT-FOR-US: OURPHP
 CVE-2023-30210 (OURPHP &lt;= 7.2.0 is vulnerable to Cross Site Scripting (XSS) 
via our ...)
-       TODO: check
+       NOT-FOR-US: OURPHP
 CVE-2023-30209
        RESERVED
 CVE-2023-30208
@@ -3285,7 +3285,7 @@ CVE-2023-30114
 CVE-2023-30113
        RESERVED
 CVE-2023-30112 (Medicine Tracker System in PHP 1.0.0 is vulnerable to SQL 
Injection. ...)
-       TODO: check
+       NOT-FOR-US: Medicine Tracker System in PHP
 CVE-2023-30111 (Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross 
Site Scrip ...)
        NOT-FOR-US: Medicine Tracker System
 CVE-2023-30110
@@ -5427,7 +5427,7 @@ CVE-2023-29270
 CVE-2023-29269
        RESERVED
 CVE-2023-29268 (The Splus Server component of TIBCO Software Inc.'s TIBCO 
Spotfire Sta ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2023-29267
        RESERVED
 CVE-2023-29266
@@ -18873,7 +18873,7 @@ CVE-2023-24798 (D-Link DIR878 DIR_878_FW120B05 was 
discovered to contain a stack
 CVE-2023-24797 (D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a 
stack over ...)
        NOT-FOR-US: D-Link
 CVE-2023-24796 (Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 
and befo ...)
-       TODO: check
+       NOT-FOR-US: Vinga
 CVE-2023-24795 (Command execution vulnerability was discovered in JHR-N916R 
router fir ...)
        NOT-FOR-US: JHR-N916R
 CVE-2023-24794
@@ -25355,9 +25355,9 @@ CVE-2023-22731 (Shopware is an open source commerce 
platform based on Symfony Fr
 CVE-2023-22730 (Shopware is an open source commerce platform based on Symfony 
Framewor ...)
        NOT-FOR-US: Shopware
 CVE-2023-22729 (Silverstripe Framework is the Model-View-Controller framework 
that pow ...)
-       TODO: check
+       NOT-FOR-US: Silverstripe
 CVE-2023-22728 (Silverstripe Framework is the Model-View-Controller framework 
that pow ...)
-       TODO: check
+       NOT-FOR-US: Silverstripe
 CVE-2023-22727 (CakePHP is a development framework for PHP web apps. In 
affected versi ...)
        NOT-FOR-US: CakePHP
 CVE-2023-22726 (act is a project which allows for local running of github 
actions. The ...)
@@ -54092,7 +54092,7 @@ CVE-2022-39991
 CVE-2022-39990
        RESERVED
 CVE-2022-39989 (An issue was discovered in Fighting Cock Information System 
1.0, which ...)
-       TODO: check
+       NOT-FOR-US: Fighting Cock Information System
 CVE-2022-39988 (A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 
allows  ...)
        - centreon-web <itp> (bug #913903)
 CVE-2022-39987
@@ -88101,9 +88101,9 @@ CVE-2022-27981
 CVE-2022-27980
        RESERVED
 CVE-2022-27979 (A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 
allows at ...)
-       TODO: check
+       NOT-FOR-US: ToolJet
 CVE-2022-27978 (Tooljet v1.6 does not properly handle missing values in the 
API, allow ...)
-       TODO: check
+       NOT-FOR-US: ToolJet
 CVE-2022-27977
        RESERVED
 CVE-2022-27976



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3da1a227f72f63ea4e3b479a2a656057e359fa7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3da1a227f72f63ea4e3b479a2a656057e359fa7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to