[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri, 29 Dec 2023 04:31:03 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
004cdb19 by Salvatore Bonaccorso at 2023-12-29T13:29:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2023-52174 (XnView Classic before 2.51.3 on Windows has a 
Write Access Viola
 CVE-2023-52173 (XnView Classic before 2.51.3 on Windows has a Write Access 
Violation a ...)
        NOT-FOR-US: XnView
 CVE-2023-52152 (mupnp/net/uri.c in mUPnP for C through 3.0.2 has an 
out-of-bounds read ...)
-       TODO: check
+       NOT-FOR-US: mUPNP
 CVE-2023-52085 (Winter is a free, open-source content management system. Users 
with ac ...)
        NOT-FOR-US: Winter CMS
 CVE-2023-52084 (Winter is a free, open-source content management system. Prior 
to 1.2. ...)
@@ -127,7 +127,7 @@ CVE-2023-52082 (Lychee is a free photo-management tool.  
Prior to 5.0.2, Lychee
 CVE-2023-52081 (ffcss is a CLI interface to apply and configure Firefox CSS 
themes. Pr ...)
        NOT-FOR-US: ffcss
 CVE-2023-52079 (msgpackr is a fast MessagePack NodeJS/JavaScript 
implementation. Prior ...)
-       TODO: check
+       NOT-FOR-US: msgpackr Node.js module
 CVE-2023-51501 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress theme
 CVE-2023-50874 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -58062,7 +58062,7 @@ CVE-2023-23636 (In Jellyfin 10.8.x through 10.8.3, the 
name of a playlist is vul
 CVE-2023-23635 (In Jellyfin 10.8.x through 10.8.3, the name of a collection is 
vulnera ...)
        - jellyfin <itp> (bug #994189)
 CVE-2023-23634 (SQL Injection vulnerability in Documize version 5.4.2, allows 
remote a ...)
-       TODO: check
+       NOT-FOR-US: Documize
 CVE-2023-23633
        RESERVED
 CVE-2023-23632 (BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 
22.4.x a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/004cdb19c6199d65cb04fb2a1e89d8cc05a29a97

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/004cdb19c6199d65cb04fb2a1e89d8cc05a29a97
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to