Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b9f340fc by Moritz Muehlenhoff at 2023-07-19T21:31:09+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -69,9 +69,9 @@ CVE-2023-37788 (goproxy v1.1 was discovered to contain an 
issue which can lead t
 CVE-2023-37758 (D-LINK DIR-815 v1.01 was discovered to contain a buffer 
overflow via t ...)
        NOT-FOR-US: D-LINK
 CVE-2023-37481 (Fides is an open-source privacy engineering platform for 
managing data ...)
-       TODO: check
+       NOT-FOR-US: Fides
 CVE-2023-37480 (Fides is an open-source privacy engineering platform for 
managing data ...)
-       TODO: check
+       NOT-FOR-US: Fides
 CVE-2023-37477 (1Panel is an open source Linux server operation and 
maintenance manage ...)
        NOT-FOR-US: 1Panel
 CVE-2023-37387 (Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme 
Classif ...)
@@ -79,7 +79,7 @@ CVE-2023-37387 (Cross-Site Request Forgery (CSRF) 
vulnerability in RadiusTheme C
 CVE-2023-37386 (Cross-Site Request Forgery (CSRF) vulnerability in Media 
Library Helpe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-37259 (matrix-react-sdk is a react-based SDK for inserting a Matrix 
chat/voip ...)
-       TODO: check
+       NOT-FOR-US: Node matrix-react-sdk
 CVE-2023-37143 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
        NOT-FOR-US: Microsoft
 CVE-2023-37142 (ChakraCore branch master cbb9b was discovered to contain a 
segmentatio ...)
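Review bot: on CVE-2023-37259, NOT-FOR-US is applied to something the description calls a react-based SDK, i.e. a library meant to be bundled into other applications rather than a standalone product. Before closing it this way it is worth confirming that no source package in the archive vendors matrix-react-sdk; if one does, the entry should name that package instead of NOT-FOR-US.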
@@ -109,7 +109,7 @@ CVE-2023-34330 (AMI SPx contains a vulnerability in the BMC 
where a User may cau
 CVE-2023-34329 (AMI SPx contains a vulnerability in BMC where a User may cause 
an auth ...)
        NOT-FOR-US: AMI SPx
 CVE-2023-34035 (Spring Security versions 5.8prior to 5.8.5, 6.0prior to 
6.0.5,and 6.1p ...)
-       TODO: check
+       - libspring-security-2.0-java <removed>
 CVE-2023-33871 (Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to 
a direct ...)
        NOT-FOR-US: Iagona ScrutisWeb
 CVE-2023-33329 (Auth. (admin+) Reflected Cross-Site Scripting (XSS) 
vulnerability in H ...)
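Review bot: the new "- libspring-security-2.0-java <removed>" line for CVE-2023-34035 carries no NOTE giving its basis, and the description lists the affected Spring Security versions as 5.8 prior to 5.8.5, 6.0 prior to 6.0.5 and 6.1, while the source package name says 2.0. Consider adding a NOTE line with the upstream advisory reference, as the CVE-2023-3724 entry does for wolfssl, so a reader can tell whether the removed package ever shipped the affected code. This is also a package entry rather than an NFU, so the commit subject "NFUs" does not describe it; a separate commit or a broader subject would keep the history searchable.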
@@ -131,9 +131,9 @@ CVE-2023-2433 (The YARPP plugin for WordPress is vulnerable 
to Stored Cross-Site
 CVE-2021-4428 (A vulnerability has been found in what3words Autosuggest Plugin 
up to  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2020-36762 (A vulnerability was found in ONS Digital RAS Collection 
Instrument up  ...)
-       TODO: check
+       NOT-FOR-US: ONS Digital RAS Collection Instrument
 CVE-2018-25088 (A vulnerability, which was classified as critical, was found 
in Blue Y ...)
-       TODO: check
+       NOT-FOR-US: Blue Yonder postgraas_server
 CVE-2023-3724 (If a TLS 1.3 client gets neither a PSK (pre shared key) 
extension nor  ...)
        - wolfssl <unfixed>
        NOTE: https://github.com/wolfSSL/wolfssl/pull/6412
@@ -77752,7 +77752,7 @@ CVE-2022-34487 (Unauthenticated Arbitrary Option Update 
vulnerability in biplob0
 CVE-2022-34347 (Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden 
Download Ma ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34155 (Improper Authentication vulnerability in miniOrange OAuth 
Single Sign  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-34149 (Authentication Bypass vulnerability in miniOrange WP OAuth 
Server plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-34148 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -144272,7 +144272,7 @@ CVE-2021-37524 (Cross Site Scripting (XSS) 
vulnerability in FusionPBX 4.5.26 all
 CVE-2021-37523
        RESERVED
 CVE-2021-37522 (SQL injection vulnerability in HKing2802 Locke-Bot 2.0.2 
allows remote ...)
-       TODO: check
+       NOT-FOR-US: HKing2802 Locke-Bot
 CVE-2021-37521
        RESERVED
 CVE-2021-37520
@@ -152378,7 +152378,7 @@ CVE-2021-34125 (An issue discovered in Yuneec Mantis 
Q and PX4-Autopilot v 1.11.
 CVE-2021-34124
        RESERVED
 CVE-2021-34123 (An issue was discovered on atasm, version 1.09. A 
stack-buffer-overflo ...)
-       TODO: check
+       NOT-FOR-US: atasm
 CVE-2021-34122 (The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e 
has a NU ...)
        NOT-FOR-US: ffjpeg
 CVE-2021-34121 (An Out of Bounds flaw was discovered in htmodoc 1.9.12 in 
function par ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9f340fc6fa4d07f8a4dbf544a00260e44e192c6
