[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dc248231 by Salvatore Bonaccorso at 2023-11-15T21:22:58+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2023-6079
        REJECTED
 CVE-2023-5720 (A flaw was found in Quarkus, where it does not properly 
sanitize artif ...)
-       TODO: check
+       NOT-FOR-US: Quarkus
 CVE-2023-5676 (In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced 
into an ...)
-       TODO: check
+       NOT-FOR-US: Eclipse OpenJ9
 CVE-2023-5245 (FileUtil.extract() enumerates all zip file entries and extracts 
each f ...)
        TODO: check
 CVE-2023-4602 (The Namaste! LMS plugin for WordPress is vulnerable to 
Reflected Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-48219 (TinyMCE is an open source rich text editor. A mutation 
cross-site scri ...)
        - tinymce <removed>
 CVE-2023-48089 (xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution 
(RCE) via / ...)
-       TODO: check
+       NOT-FOR-US: XXL-Job
 CVE-2023-48088 (xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting 
(XSS) via /x ...)
-       TODO: check
+       NOT-FOR-US: XXL-Job
 CVE-2023-48087 (xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via 
/xxl-job ...)
-       TODO: check
+       NOT-FOR-US: XXL-Job
 CVE-2023-48014 (GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to 
contain a sta ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/2613
@@ -29,11 +29,11 @@ CVE-2023-48011 (GPAC v2.3-DEV-rev566-g50c2ab06f-master was 
discovered to contain
        NOTE: https://github.com/gpac/gpac/issues/2611
        NOTE: 
https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea
 CVE-2023-47637 (Pimcore is an Open Source Data & Experience Management 
Platform. In af ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2023-47636 (The Pimcore Admin Classic Bundle provides a Backend UI for 
Pimcore. Fu ...)
-       TODO: check
+       NOT-FOR-US: Pimcore Admin Classic Bundle
 CVE-2023-41699 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in P ...)
-       TODO: check
+       NOT-FOR-US: Payara
 CVE-2023-34982 (This external control vulnerability, if exploited, could allow 
a local ...)
        TODO: check
 CVE-2023-34062 (In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 
and versi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2482316f2ad24a749fe41ddba5040338d816ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2482316f2ad24a749fe41ddba5040338d816ec
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits