Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
85359fdd by Moritz Muehlenhoff at 2023-06-26T17:32:32+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -106,13 +106,13 @@ CVE-2023-36272 (LibreDWG v0.12.5 was discovered to
contain a heap buffer overflo
CVE-2023-36271 (LibreDWG v0.12.5 was discovered to contain a heap buffer
overflow via ...)
- libredwg <itp> (bug #595191)
CVE-2023-35931 (Shescape is a simple shell escape library for JavaScript. An
attacker ...)
- TODO: check
+ NOT-FOR-US: Shescape
CVE-2023-35925 (FastAsyncWorldEdit (FAWE) is designed for efficient world
editing. Thi ...)
- TODO: check
+ NOT-FOR-US: FastAsyncWorldEdit
CVE-2023-35759 (In Progress WhatsUp Gold before 23.0.0, an SNMP-related
application en ...)
NOT-FOR-US: Progress WhatsUp Gold
CVE-2023-35167 (Remult is a CRUD framework for full-stack TypeScript. If you
used the ...)
- TODO: check
+ NOT-FOR-US: Remult
CVE-2023-35162 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2023-35161 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
@@ -154,127 +154,128 @@ CVE-2023-34465 (XWiki Platform is a generic wiki
platform. Starting in version 1
CVE-2023-34464 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2023-34460 (Tauri is a framework for building binaries for all major
desktop platf ...)
- TODO: check
+ NOT-FOR-US: Tauri
CVE-2023-34203 (In Progress OpenEdge OEM (OpenEdge Management) and OEE
(OpenEdge Explo ...)
- TODO: check
+ NOT-FOR-US: Progress OpenEdge OEM
CVE-2023-34188 (The HTTP server in Mongoose before 7.10 accepts requests
containing ne ...)
- TODO: check
+ NOT-FOR-US: Cesanta Mongoose
+ NOTE: smplayer embeds a copy, which is unused in any released version
and disabled since 18.5.0~ds1-1
CVE-2023-34021 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Andy Moy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34012 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Premium ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33565 (ROS2 (Robot Operating System 2) Foxy Fitzroy ROS_VERSION=2 and
ROS_PYT ...)
TODO: check
CVE-2023-32580 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WPEx ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32480 (Dell BIOS contains an Improper Input Validation vulnerability.
An unau ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32439 (A type confusion issue was addressed with improved checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32435 (A memory corruption issue was addressed with improved state
management ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32434 (An integer overflow was addressed with improved input
validation. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32423 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32422 (This issue was addressed by adding additional SQLite logging
restricti ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32420 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32419 (The issue was addressed with improved bounds checks. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32417 (This issue was addressed by restricting options offered on a
locked de ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32415 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32414 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32413 (A race condition was addressed with improved state handling.
This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32412 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32411 (This issue was addressed with improved entitlements. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32410 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32408 (The issue was addressed with improved handling of caches. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32407 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32405 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32404 (This issue was addressed with improved entitlements. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32403 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32402 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32400 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32399 (The issue was addressed with improved handling of caches. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32398 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32397 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32395 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32394 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32392 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32391 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32390 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32389 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32388 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32387 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32386 (A privacy issue was addressed with improved handling of
temporary file ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32385 (A denial-of-service issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32384 (A buffer overflow was addressed with improved bounds checking.
This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32382 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32380 (An out-of-bounds write issue was addressed with improved
bounds checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32376 (This issue was addressed with improved entitlements. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32375 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32372 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32371 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32369 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32368 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32367 (This issue was addressed with improved entitlements. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32365 (The issue was addressed with improved checks. This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32363 (A permissions issue was addressed by removing vulnerable code
and addi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32360 (An authentication issue was addressed with improved state
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32357 (An authorization issue was addressed with improved state
management. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32355 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32354 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32353 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32352 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32351 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-3128 (Grafana is validating Azure AD accounts based on the email
claim. On ...)
- grafana <removed>
CVE-2023-3114 (Terraform Enterprise since v202207-1 did not properly implement
author ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
