[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Mon, 31 Jul 2023 03:25:41 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2e5e8a1d by Moritz Muehlenhoff at 2023-07-31T12:25:08+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2023-4007 (Cross-site Scripting (XSS) - Stored in GitHub repository 
thorsten/phpm ...)
-       TODO: check
+       NOT-FOR-US: phpmyfaq
 CVE-2023-4006 (Improper Neutralization of Formula Elements in a CSV File in 
GitHub re ...)
-       TODO: check
+       NOT-FOR-US: phpmyfaq
 CVE-2023-4005 (Insufficient Session Expiration in GitHub repository 
fossbilling/fossb ...)
-       TODO: check
+       NOT-FOR-US: fossbilling
 CVE-2023-35019 (IBM Security Verify Governance, Identity Manager 10.0 could 
allow a re ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-35016 (IBM Security Verify Governance, Identity Manager 10.0 could 
allow a re ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-34360 (A stored cross-site scripting (XSS) issue was discovered 
within the Cu ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2023-34359 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS 
condition.  ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2023-34358 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS 
condition.  ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2023-4004
        - linux <unfixed>
        [buster] - linux <not-affected> (Vulnerable code not present)
@@ -68,13 +68,13 @@ CVE-2023-39018 (FFmpeg 0.7.0 and below was discovered to 
contain a code injectio
 CVE-2023-39017 (quartz-jobs 2.3.2 and below was discovered to contain a code 
injection ...)
        TODO: check
 CVE-2023-39016 (bboss-persistent v6.0.9 and below was discovered to contain a 
code inj ...)
-       TODO: check
+       NOT-FOR-US: bboss-persistent
 CVE-2023-39015 (webmagic-extension v0.9.0 and below was discovered to contain 
a code i ...)
-       TODO: check
+       NOT-FOR-US: webmagic-extension
 CVE-2023-39013 (Duke v1.2 and below was discovered to contain a code injection 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Duke
 CVE-2023-39010 (BoofCV 0.42 was discovered to contain a code injection 
vulnerability v ...)
-       TODO: check
+       NOT-FOR-US: BoofCV
 CVE-2023-38992 (jeecg-boot v3.5.1 was discovered to contain a SQL injection 
vulnerabil ...)
        NOT-FOR-US: jeecg-boot
 CVE-2023-38685 (Discourse is an open source discussion platform. Prior to 
version 3.0. ...)
@@ -28766,7 +28766,7 @@ CVE-2023-24973
 CVE-2023-24972
        RESERVED
 CVE-2023-24971 (IBM B2B Advanced Communications 1.0.0.0 and IBM 
Multi-Enterprise Integ ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-24970
        RESERVED
 CVE-2023-24969
@@ -36377,7 +36377,7 @@ CVE-2023-22597 (InHand Networks InRouter 302, prior to 
version IR302 V3.5.56, an
 CVE-2023-22596
        RESERVED
 CVE-2023-22595 (IBM B2B Advanced Communications 1.0.0.0 and IBM 
Multi-Enterprise Integ ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-22594 (IBM Robotic Process Automation for Cloud Pak 20.12.0 through 
21.0.4 is ...)
        NOT-FOR-US: IBM
 CVE-2023-22593 (IBM Robotic Process Automation for Cloud Pak 21.0.1 through 
21.0.7.3 a ...)
@@ -54254,7 +54254,7 @@ CVE-2022-43833
 CVE-2022-43832
        RESERVED
 CVE-2022-43831 (IBM Storage Scale Container Native Storage Access 5.1.2.1 
through 5.1. ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-43830
        REJECTED
 CVE-2022-43829
@@ -259723,7 +259723,7 @@ CVE-2020-4870 (IBM MQ 9.2 CD and LTS are vulnerable 
to a denial of service attac
 CVE-2020-4869 (IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial 
of servi ...)
        NOT-FOR-US: IBM
 CVE-2020-4868 (IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to 
obtain  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4867
        RESERVED
 CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e5e8a1d61fd31d5ca32de85d4b189bf2ba4c0e2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e5e8a1d61fd31d5ca32de85d4b189bf2ba4c0e2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to