From 0937d747874e090f5d8d88e9e494d8b997766c7e Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 4 Sep 2023 10:29:19 +0200
Subject: catdoc non issue

---
 data/CVE/list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 70ef07f82a..89f0f03e84 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -230,7 +230,10 @@ CVE-2023-4707 (A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has b
 CVE-2023-4704 (External Control of System or Configuration Setting in GitHub reposito ...)
 	NOT-FOR-US: icms2
 CVE-2023-41633 (Catdoc v0.95 was discovered to contain a NULL pointer dereference via  ...)
-	TODO: check
+	- catdoc <unfixed> (unimportant)
+	NOTE: https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference/
+	NOTE: https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd
+	NOTE: Crash in CLI tool, no security impact
 CVE-2023-41628 (An issue in O-RAN Software Community E2 G-Release allows attackers to  ...)
 	NOT-FOR-US: O-RAN
 CVE-2023-41627 (O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the  ...)
-- 
cgit v1.2.3