Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cc98109d by Salvatore Bonaccorso at 2023-04-07T22:48:09+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,17 +53,17 @@ CVE-2023-29505
 CVE-2023-28393
        RESERVED
 CVE-2023-1942 (A vulnerability has been found in SourceCodester Online 
Computer and L ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Computer and Laptop Store
 CVE-2023-1941 (A vulnerability, which was classified as critical, has been 
found in S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Simple and Beautiful Shopping Cart System
 CVE-2023-1940 (A vulnerability classified as critical was found in 
SourceCodester Sim ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Simple and Beautiful Shopping Cart System
 CVE-2023-1939
        RESERVED
 CVE-2023-1938
        RESERVED
 CVE-2023-1937 (A vulnerability, which was classified as problematic, was found 
in zhe ...)
-       TODO: check
+       NOT-FOR-US: zhenfeng13 My-Blog
 CVE-2014-125095
        RESERVED
 CVE-2013-10025
@@ -103,17 +103,17 @@ CVE-2023-29480
 CVE-2023-29479
        RESERVED
 CVE-2023-29478 (BiblioCraft before 2.4.6 does not sanitize path-traversal 
characters i ...)
-       TODO: check
+       NOT-FOR-US: BiblioCraft
 CVE-2023-29477
        RESERVED
 CVE-2023-29476
        RESERVED
 CVE-2023-29475 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 
4000 Man ...)
-       TODO: check
+       NOT-FOR-US: Unify
 CVE-2023-29474 (inventory in Atos Unify OpenScape 4000 Platform and OpenScape 
4000 Man ...)
-       TODO: check
+       NOT-FOR-US: Unify
 CVE-2023-29473 (webservice in Atos Unify OpenScape 4000 Platform and OpenScape 
4000 Ma ...)
-       TODO: check
+       NOT-FOR-US: Unify
 CVE-2023-29472
        RESERVED
 CVE-2023-29471
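Review bot: The three `NOT-FOR-US: Unify` tags on CVE-2023-29475, CVE-2023-29474 and CVE-2023-29473 name only part of the vendor string, while the descriptions read "Atos Unify OpenScape 4000 Platform" and the BiblioCraft entry in the same hunk is tagged with the product name. Suggest `NOT-FOR-US: Atos Unify OpenScape 4000` so that a later search for the product finds these entries.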
@@ -296,7 +296,7 @@ CVE-2023-1911
 CVE-2023-1910
        RESERVED
 CVE-2023-1909 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul BP Monitoring Management System
 CVE-2023-1908 (A vulnerability was found in SourceCodester Simple Mobile 
Comparison W ...)
        NOT-FOR-US: SourceCodester Simple Mobile Comparison Website
 CVE-2023-1907
@@ -421,7 +421,7 @@ CVE-2023-29390
 CVE-2023-29389 (Toyota RAV4 2021 vehicles automatically trust messages from 
other ECUs ...)
        NOT-FOR-US: Toyota
 CVE-2023-29388 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
impleCod ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29387
        RESERVED
 CVE-2023-29386
@@ -846,7 +846,7 @@ CVE-2023-29238
 CVE-2023-29237
        RESERVED
 CVE-2023-29236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Cththeme ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-29235
        RESERVED
 CVE-2023-29234
@@ -1071,11 +1071,11 @@ CVE-2023-29174
 CVE-2023-29173
        RESERVED
 CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Property ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29171 (Unauth. Reflected Cross-site Scripting (XSS) vulnerability in 
Magic Po ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29170 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability 
in PI W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1807
        RESERVED
 CVE-2023-1806
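Review bot: The tags on CVE-2023-29172, CVE-2023-29171 and CVE-2023-29170 are the same generic `NOT-FOR-US: WordPress plugin`, although the truncated descriptions point at three different plugins ("Property ...", "Magic Po ...", "PI W ..."). With the summary cut off, the entry alone no longer says which plugin was triaged; consider appending the plugin name to each tag, which also makes the decision easier to revisit if one of them is ever packaged.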
@@ -1267,7 +1267,7 @@ CVE-2023-29096
 CVE-2023-29095
        RESERVED
 CVE-2023-29094 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability 
in PI W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29093
        RESERVED
 CVE-2023-1783
@@ -1572,7 +1572,7 @@ CVE-2023-29019
 CVE-2023-29018
        RESERVED
 CVE-2023-29017 (vm2 is a sandbox that can run untrusted code with whitelisted 
Node's b ...)
-       TODO: check
+       NOT-FOR-US: Node vm2
 CVE-2023-29016 (The Goobi viewer is a web application that allows digitised 
material t ...)
        NOT-FOR-US: Goobi viewer
 CVE-2023-29015 (The Goobi viewer is a web application that allows digitised 
material t ...)
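Review bot: `NOT-FOR-US: Node vm2` on CVE-2023-29017 marks a library rather than an end-user product, and the description calls it a sandbox for running untrusted code, so the tag is only right if nothing in the archive ships or embeds a copy. Worth confirming that before closing the entry; if a package does carry vm2, the CVE should be tracked against that package instead of being marked NFU.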
@@ -1629,7 +1629,7 @@ CVE-2023-28995
 CVE-2023-28994
        RESERVED
 CVE-2023-28993 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Ignazio  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28992
        RESERVED
 CVE-2023-28991
@@ -2329,13 +2329,13 @@ CVE-2023-28794
 CVE-2023-28793
        RESERVED
 CVE-2023-28792 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
I Thirte ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28791
        RESERVED
 CVE-2023-28790
        RESERVED
 CVE-2023-28789 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Cimatti  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28788
        RESERVED
 CVE-2023-28787
@@ -2351,7 +2351,7 @@ CVE-2023-28783
 CVE-2023-28782
        RESERVED
 CVE-2023-28781 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 
Cimatti Con ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28780
        RESERVED
 CVE-2023-28779
@@ -2610,7 +2610,7 @@ CVE-2023-28714
 CVE-2023-28712 (Osprey Pump Controller version 1.01 contains an 
unauthenticated comman ...)
        NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28710 (Improper Input Validation vulnerability in Apache Software 
Foundation  ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow Spark Provider
 CVE-2023-28654 (Osprey Pump Controller version 1.01 has a hidden 
administrative accoun ...)
        NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28648 (Osprey Pump Controller version 1.01 inputs passed to a GET 
parameter a ...)
@@ -2660,9 +2660,9 @@ CVE-2023-28708 (When using the RemoteIpFilter with 
requests received from a reve
        NOTE: 
https://github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
 (9.0.72)
        NOTE: 
https://github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
 (8.5.86)
 CVE-2023-28707 (Improper Input Validation vulnerability in Apache Software 
Foundation  ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow Drill Provider
 CVE-2023-28706 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow Hive Provider
 CVE-2023-28705
        RESERVED
 CVE-2023-28704
@@ -3276,7 +3276,7 @@ CVE-2023-28502 (Rocket Software UniData versions prior to 
8.2.4 build 3003 and U
 CVE-2023-28501 (Rocket Software UniData versions prior to 8.2.4 build 3003 and 
UniVers ...)
        NOT-FOR-US: Rocket Software UniData
 CVE-2023-28500 (** UNSUPPORTED WHEN ASSIGNED ** A Java insecure 
deserialization vulner ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-28499
        RESERVED
 CVE-2023-28498
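Review bot: `NOT-FOR-US: Adobe` on CVE-2023-28500 gives only a vendor, and the visible description ("A Java insecure deserialization vulner ...") is cut off before the product name, whereas the neighbouring CVE-2023-28501 is tagged with vendor and product (`Rocket Software UniData`). Suggest taking the product name from the full CVE description and adding it to the tag.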
@@ -4846,7 +4846,7 @@ CVE-2023-28053
 CVE-2023-28052
        RESERVED
 CVE-2023-28051 (Dell Power Manager, versions 3.10 and prior, contains an 
Improper Acce ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2023-28050
        RESERVED
 CVE-2023-28049
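Review bot: `NOT-FOR-US: Dell` on CVE-2023-28051 drops the product that the description gives as "Dell Power Manager". Suggest `NOT-FOR-US: Dell Power Manager`, since a vendor-only tag cannot be told apart from entries for other Dell products when someone greps the list.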
@@ -5766,25 +5766,25 @@ CVE-2023-27812
 CVE-2023-27811
        RESERVED
 CVE-2023-27810 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27809
        RESERVED
 CVE-2023-27808 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27807 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27806 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27805 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27804 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27803 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27802 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27801 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic R100
 CVE-2023-27800
        RESERVED
 CVE-2023-27799
@@ -6184,7 +6184,7 @@ CVE-2023-27622
 CVE-2023-27621
        RESERVED
 CVE-2023-27620 (Auth. (contributor+) Stored Cross-site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-27619
        RESERVED
 CVE-2023-27618



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc98109df516dcd33c5a820cec3f6ea2b0767ca4
