[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 12 Dec 2023 00:41:01 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d7e68782 by Salvatore Bonaccorso at 2023-12-12T09:40:17+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
 CVE-2023-6709 (Improper Neutralization of Special Elements Used in a Template 
Engine  ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2023-6542 (Due to lack of proper authorization checks in Emarsys SDK for 
Android, ...)
-       TODO: check
+       NOT-FOR-US: Emarsys SDK for Android
 CVE-2023-5536 (A feature in LXD (LP#1829071), affects the default 
configuration of Ub ...)
        TODO: check
 CVE-2023-50424 (SAPBTPSecurity Services Integration Library ([Golang] 
github.com/sap/c ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-50423 (SAPBTPSecurity Services Integration Library 
([Python]sap-xssec) - vers ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-50422 (SAPBTPSecurity Services Integration Library ([Java] 
cloud-security-ser ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-50245 (OpenEXR-viewer is a viewer for OpenEXR files with detailed 
metadata pr ...)
        TODO: check
 CVE-2023-49805 (Uptime Kuma is an easy-to-use self-hosted monitoring tool. 
Prior to ve ...)
-       TODO: check
+       NOT-FOR-US: Uptime Kuma
 CVE-2023-49804 (Uptime Kuma is an easy-to-use self-hosted monitoring tool. 
Prior to ve ...)
-       TODO: check
+       NOT-FOR-US: Uptime Kuma
 CVE-2023-49803 (@koa/cors npm provides Cross-Origin Resource Sharing (CORS) 
for koa, a ...)
        TODO: check
 CVE-2023-49802 (The LinkedCustomFields plugin for MantisBT allows users to 
link values ...)
-       TODO: check
+       NOT-FOR-US: LinkedCustomFields plugin for MantisBT
 CVE-2023-49796 (MindsDB connects artificial intelligence models to real time 
data. Ver ...)
-       TODO: check
+       NOT-FOR-US: MindsDB
 CVE-2023-49587 (SAP Solution Manager - version 720, allows an authorized 
attacker to e ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49584 (SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 
755, SAP ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49583 (SAPBTPSecurity Services Integration Library ([Node.js] 
@sap/xssec - ve ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49581 (SAP GUI for WindowsandSAP GUI for Javaallow an unauthenticated 
attacke ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49580 (SAP GUI for WindowsandSAP GUI for Java - versions SAP_BASIS 
755, SAP_B ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49578 (SAP Cloud Connector - version 2.0, allows an authenticated 
user with l ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49577 (The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100, 
SAP_HRCIE 6 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-49494 (DedeCMS v5.7.111 was discovered to contain a reflective 
cross-site scr ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2023-49490 (XunRuiCMS v4.5.5 was discovered to contain a reflective 
cross-site scr ...)
-       TODO: check
+       NOT-FOR-US: XunRuiCMS
 CVE-2023-49488 (A cross-site scripting (XSS) vulnerability in Openfiler ESA 
v2.99.1 al ...)
-       TODO: check
+       NOT-FOR-US: Openfiler ESA
 CVE-2023-49058 (SAP Master Data Governance File Upload applicationallows an 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-48642 (Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an 
authenticate ...)
        TODO: check
 CVE-2023-48641 (Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains 
an insecu ...)
@@ -244,7 +244,7 @@ CVE-2023-48425 (U-Boot vulnerability resulting in 
persistent Code Execution)
 CVE-2023-48424 (U-Boot shell vulnerability resulting in Privilege escalation 
in a prod ...)
        TODO: check
 CVE-2023-48417 (Missing Permission checks resulting in unauthorized access and 
Manipul ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-6655 (A vulnerability, which was classified as critical, has been 
found in H ...)
        NOT-FOR-US: Hongjing e-HR 2020
 CVE-2023-6654 (A vulnerability classified as critical was found in PHPEMS 
6.x/7.0. Af ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7e68782485a39f5778eee61fe40128487526f09

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7e68782485a39f5778eee61fe40128487526f09
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to