[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 24 Aug 2023 08:21:33 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
413877b1 by Salvatore Bonaccorso at 2023-08-24T17:20:46+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,7 +63,7 @@ CVE-2023-3453 (ETIC Telecom RAS versions 4.7.0 and prior the 
web management port
 CVE-2023-39583
        REJECTED
 CVE-2023-39441 (Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP 
Provide ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow SMTP Provider
 CVE-2023-38831 (RARLabs WinRAR before 6.23 allows attackers to execute 
arbitrary code  ...)
        TODO: check
 CVE-2023-38422 (Walchem Intuition 9 firmware versions prior to v4.21 are 
missing authe ...)
@@ -19868,7 +19868,7 @@ CVE-2023-28996
 CVE-2023-28995 (Cross-Site Request Forgery (CSRF) vulnerability in Keith 
Solomon Confi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28994 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
UX-theme ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28993 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Ignazio  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-28992 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Elliot S ...)
@@ -55901,15 +55901,15 @@ CVE-2022-3748 (Improper Authorization vulnerability 
in ForgeRock Inc. Access Man
 CVE-2022-3747 (The Becustom plugin for WordPress is vulnerable to Cross-Site 
Request  ...)
        NOT-FOR-US: Becustom plugin for WordPress
 CVE-2022-3746 (A potential vulnerability was discovered in LCFC BIOS for some 
Lenovo  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2022-3745 (A potential vulnerability was discovered in LCFC BIOS for some 
Lenovo  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2022-3744 (A potential vulnerability was discovered in LCFC BIOS for some 
Lenovo  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2022-3743 (A potential vulnerability was discovered in LCFC BIOS for some 
Lenovo  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2022-3742 (A potential vulnerability was discovered in LCFC BIOS for some 
Lenovo  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2022-3741 (Impact varies for each individual vulnerability in the 
application. Fo ...)
        NOT-FOR-US: chatwoot
 CVE-2022-3740 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
@@ -57250,7 +57250,7 @@ CVE-2023-20236
 CVE-2023-20235
        RESERVED
 CVE-2023-20234 (A vulnerability in the CLI of Cisco FXOS Software could allow 
an authe ...)
-       TODO: check
+       NOT-FOR-US: Cisco FXOS Software
 CVE-2023-20233
        RESERVED
 CVE-2023-20232 (A vulnerability in the Tomcat implementation for Cisco Unified 
Contact ...)
@@ -57258,7 +57258,7 @@ CVE-2023-20232 (A vulnerability in the Tomcat 
implementation for Cisco Unified C
 CVE-2023-20231
        RESERVED
 CVE-2023-20230 (A vulnerability in the restricted security domain 
implementation of Ci ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20229 (A vulnerability in the CryptoService function of Cisco Duo 
Device Heal ...)
        NOT-FOR-US: Cisco
 CVE-2023-20228 (A vulnerability in the web-based management interface of Cisco 
Integra ...)
@@ -57321,7 +57321,7 @@ CVE-2023-20202
 CVE-2023-20201 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2023-20200 (A vulnerability in the Simple Network Management Protocol 
(SNMP) servi ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for 
macOS could ...)
        NOT-FOR-US: Cisco
 CVE-2023-20198
@@ -57386,9 +57386,9 @@ CVE-2023-20171 (Multiple vulnerabilities in Cisco 
Identity Services Engine (ISE)
 CVE-2023-20170
        RESERVED
 CVE-2023-20169 (A vulnerability in the Intermediate System-to-Intermediate 
System (IS- ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20168 (A vulnerability in TACACS+ and RADIUS remote authentication 
for Cisco  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20167 (Multiple vulnerabilities in Cisco Identity Services Engine 
(ISE) could ...)
        NOT-FOR-US: Cisco
 CVE-2023-20166 (Multiple vulnerabilities in Cisco Identity Services Engine 
(ISE) could ...)
@@ -57494,7 +57494,7 @@ CVE-2023-20117 (Multiple vulnerabilities in the 
web-based management interface o
 CVE-2023-20116 (A vulnerability in the Administrative XML Web Service (AXL) 
API of Cis ...)
        NOT-FOR-US: Cisco
 CVE-2023-20115 (A vulnerability in the SFTP server implementation for Cisco 
Nexus 3000 ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20114
        RESERVED
 CVE-2023-20113 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413877b1d4d187ec5ff3ddacfed443fc7521fab4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413877b1d4d187ec5ff3ddacfed443fc7521fab4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to