[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-07-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
36cb0ed7 by Salvatore Bonaccorso at 2024-07-27T14:59:46+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -31,7 +31,7 @@ CVE-2024-42029 (xdg-desktop-portal-hyprland (aka an XDG 
Desktop Portal backend f
 CVE-2024-41815 (Starship is a cross-shell prompt. Starting in version 1.0.0 
and prior  ...)
- starship  (bug #946187)
 CVE-2024-41628 (Directory Traversal vulnerability in Severalnines Cluster 
Control 1.9. ...)
-   TODO: check
+   NOT-FOR-US: Severalnines Cluster Control
 CVE-2024-41120 (streamlit-geospatial is a streamlit multipage app for 
geospatial appli ...)
NOT-FOR-US: streamlit-geospatial
 CVE-2024-41119 (streamlit-geospatial is a streamlit multipage app for 
geospatial appli ...)
@@ -47,13 +47,13 @@ CVE-2024-41115 (streamlit-geospatial is a streamlit 
multipage app for geospatial
 CVE-2024-41114 (streamlit-geospatial is a streamlit multipage app for 
geospatial appli ...)
NOT-FOR-US: streamlit-geospatial
 CVE-2024-40433 (Insecure Permissions vulnerability in Tencent wechat v.8.0.37 
allows a ...)
-   TODO: check
+   NOT-FOR-US: Tencent wechat
 CVE-2024-37034 (An issue was discovered in Couchbase Server before 7.2.5 and 
7.6.0 bef ...)
-   TODO: check
+   NOT-FOR-US: Couchbase Server
 CVE-2024-1804 (The Tutor LMS \u2013 Migration Tool plugin for WordPress is 
vulnerable ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2024-1798 (The Tutor LMS \u2013 Migration Tool plugin for WordPress is 
vulnerable ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2024-7128 (A flaw was found in the Openshift console. Several endpoints in 
the ap ...)
NOT-FOR-US: Openshift
 CVE-2024-7062 (Nimble Commander suffers from a privilege escalation 
vulnerability due ...)
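Review bot: The commit subject says "Process two NFUs", but this hunk alone resolves four TODO entries (CVE-2024-40433, CVE-2024-37034, CVE-2024-1804, CVE-2024-1798) and the previous hunk resolves a fifth (CVE-2024-41628). Adjust the subject to match the number of entries changed, so the history stays searchable by what each commit did.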



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36cb0ed7a7b472ff411314a5b2e995a49c095d36

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36cb0ed7a7b472ff411314a5b2e995a49c095d36
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-07-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c62f38e7 by Salvatore Bonaccorso at 2024-07-10T10:37:11+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -73,7 +73,7 @@ CVE-2024-36451 (Improper handling of insufficient permissions 
or privileges vuln
 CVE-2024-36450 (Cross-site scripting vulnerability exists in sysinfo.cgi of 
Webmin ver ...)
TODO: check
 CVE-2024-35154 (IBM WebSphere Application Server 8.5 and 9.0 could allow a 
remote auth ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-34726 (In PVRSRV_MMap of pvr_bridge_k.c, there is a possible 
arbitrary code e ...)
TODO: check
 CVE-2024-34725 (In DevmemIntUnexportCtx of devicemem_server.c, there is a 
possible arb ...)
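Review bot: The new tag on CVE-2024-35154 names only the vendor (NOT-FOR-US: IBM), while the description identifies the product as IBM WebSphere Application Server 8.5 and 9.0. Consider "NOT-FOR-US: IBM WebSphere Application Server" so that a later search for the product finds this triage decision without relying on the truncated description.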
@@ -139,7 +139,7 @@ CVE-2024-27386 (A vulnerability was discovered in the 
slsi_handle_nan_rx_event_l
 CVE-2024-27385 (A vulnerability was discovered in the 
slsi_handle_nan_rx_event_log_ind ...)
TODO: check
 CVE-2024-25023 (IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM 
QRadar S ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-23711 (In DevmemXIntUnreserveRange of devicemem_server.c, there is a 
possible ...)
TODO: check
 CVE-2024-23698 (In RGXFWChangeOSidPriority of rgxfwutils.c, there is a 
possible arbitr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c62f38e738a557bc796c16d148b22dbe141f08c9



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-07-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8514f364 by Salvatore Bonaccorso at 2024-07-08T22:17:36+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -17,9 +17,9 @@ CVE-2024-39896 (Directus is a real-time API and App dashboard 
for managing SQL d
 CVE-2024-39895 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
TODO: check
 CVE-2024-39743 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a 
user to ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-39742 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a 
user to ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-39701 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
TODO: check
 CVE-2024-39699 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8514f3645e216176099d51a69c8d9a58dcdf7cf0



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-07-05 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fbb50b69 by Salvatore Bonaccorso at 2024-07-05T21:25:02+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2024-39943 (rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, 
UNIX, an ...)
TODO: check
 CVE-2024-39937 (supOS 5.0 allows api/image/download?fileName=../ directory 
traversal f ...)
-   TODO: check
+   NOT-FOR-US: supOS
 CVE-2024-39936 (An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x 
before 6.2. ...)
TODO: check
 CVE-2024-39935 (jc21 NGINX Proxy Manager before 2.11.3 allows 
backend/internal/certifi ...)
@@ -64,7 +64,7 @@ CVE-2024-39472 (In the Linux kernel, the following 
vulnerability has been resolv
- linux 
NOTE: 
https://git.kernel.org/linus/45cf976008ddef4a9c9a30310c9b4fb2a9a6602a (6.10-rc1)
 CVE-2024-34481 (drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via 
comments, cap ...)
-   TODO: check
+   NOT-FOR-US: drupal-wiki.com Drupal Wiki
 CVE-2024-6513
REJECTED
 CVE-2024-6511 (A vulnerability classified as problematic was found in 
y_project RuoYi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbb50b69b073c89b2bd280c6e3919b07ea1fb993



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-06-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d777e250 by Salvatore Bonaccorso at 2024-06-23T12:21:16+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2024-6267 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Service Provider Management System
 CVE-2024-6266 (A vulnerability classified as critical has been found in Pear 
Admin Bo ...)
-   TODO: check
+   NOT-FOR-US: Pear Admin Boot
 CVE-2024-6253 (A vulnerability was found in itsourcecode Online Food Ordering 
System  ...)
NOT-FOR-US: itsourcecode Online Food Ordering System
 CVE-2024-6252 (A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and 
classi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d777e250faedc8570273ced1281bf37c9bee115e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-06-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7d4a9892 by Salvatore Bonaccorso at 2024-06-06T22:19:54+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -245,7 +245,7 @@ CVE-2024-28995 (SolarWinds Serv-U was susceptible to a 
directory transversal vul
 CVE-2024-23793 (The file upload feature in OTRS and ((OTRS)) Community Edition 
has a p ...)
TODO: check
 CVE-2024-22326 (IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 
89.33.4 ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-1881 (AutoGPT, a component of significant-gravitas/autogpt, is 
vulnerable to ...)
TODO: check
 CVE-2024-1880 (An OS command injection vulnerability exists in the MacOS 
Text-To-Spee ...)
@@ -257,7 +257,7 @@ CVE-2024-1873 (parisneo/lollms-webui is vulnerable to path 
traversal and denial
 CVE-2024-0520 (A vulnerability in mlflow/mlflow version 8.2.1 allows for 
remote code  ...)
TODO: check
 CVE-2023-45192 (IBM Engineering Requirements Management DOORS Next 7.0.2 and 
7.0.3 is  ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-5665 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for 
WordPr ...)
NOT-FOR-US: WordPress plugin
 CVE-2024-5656 (The Google CSE plugin for WordPress is vulnerable to Stored 
Cross-Site ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d4a989238e445154013b34a4c24669c041bb8b4



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-05-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ee1f63f5 by Salvatore Bonaccorso at 2024-05-28T22:21:55+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -103,7 +103,7 @@ CVE-2024-2451 (Improper fingerprint validation in the 
TeamViewer Client (Full &
 CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap 
server ...)
TODO: check
 CVE-2024-29072 (A privilege escalation vulnerability exists in the Foxit 
Reader 2024.2 ...)
-   TODO: check
+   NOT-FOR-US: Foxit Reader
 CVE-2024-28061 (An issue was discovered in Apiris Kafeo 6.4.4. It permits a 
bypass, of ...)
TODO: check
 CVE-2024-28060 (An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL 
hijackin ...)
@@ -189,7 +189,7 @@ CVE-2023-43843 (Incorrect access control in the account 
management function of w
 CVE-2023-43842 (Incorrect access control in the account management function of 
web int ...)
TODO: check
 CVE-2023-37411 (IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to 
cross-site scri ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-35953 (Multiple stack-based buffer overflow vulnerabilities exist in 
the read ...)
TODO: check
 CVE-2023-35952 (Multiple stack-based buffer overflow vulnerabilities exist in 
the read ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee1f63f56291cae52eaf9f2880ee00f622981b72



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-05-12 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4d3e18f8 by Salvatore Bonaccorso at 2024-05-13T06:14:26+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2024-4799 (A vulnerability, which was classified as critical, was found in 
Kaship ...)
-   TODO: check
+   NOT-FOR-US: Kashipara College Management System
 CVE-2024-4798 (A vulnerability, which was classified as critical, has been 
found in S ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Online Computer and Laptop Store
 CVE-2024-4797 (A vulnerability was found in Campcodes Online Laundry 
Management Syste ...)
NOT-FOR-US: Campcodes Online Laundry Management System
 CVE-2024-4796 (A vulnerability was found in Campcodes Online Laundry 
Management Syste ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d3e18f8b18b24bd0337f7f9aec68af58803ec23



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-04-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
650b9c8f by Salvatore Bonaccorso at 2024-04-18T12:31:18+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -230,9 +230,9 @@ CVE-2024-31578 (FFmpeg version n6.1.1 was discovered to 
contain a heap use-after
 CVE-2024-31463 (Ironic-image is an OpenStack Ironic deployment packaged and 
configured ...)
TODO: check
 CVE-2024-31041 (Null Pointer Dereference vulnerability in topic_filtern 
function in mq ...)
-   TODO: check
+   NOT-FOR-US: NanoMQ
 CVE-2024-31040 (Buffer Overflow vulnerability in the get_var_integer function 
in mqtt_ ...)
-   TODO: check
+   NOT-FOR-US: NanoMQ
 CVE-2024-31031 (An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to 
cause un ...)
TODO: check
 CVE-2024-30990 (SQL Injection vulnerability in the "Invoices" page in 
phpgurukul Clien ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/650b9c8ff693ad4e62ad53672d20dd60ab063f5b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-04-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6e56deff by Salvatore Bonaccorso at 2024-04-16T21:08:46+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -267817,9 +267817,9 @@ CVE-2020-22542
 CVE-2020-22541
RESERVED
 CVE-2020-22540 (Stored Cross-Site Scripting (XSS) vulnerability in Codoforum 
v4.9, all ...)
-   TODO: check
+   NOT-FOR-US: Codoforum
 CVE-2020-22539 (An arbitrary file upload vulnerability in the Add Category 
function of ...)
-   TODO: check
+   NOT-FOR-US: Codoforum
 CVE-2020-22538
RESERVED
 CVE-2020-22537



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e56deff06bf24c4810af45a0fc95f56a44c88d9



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-04-14 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
593eb613 by Salvatore Bonaccorso at 2024-04-14T13:19:03+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,5 +1,5 @@
 CVE-2024-3740 (A vulnerability, which was classified as critical, has been 
found in c ...)
-   TODO: check
+   NOT-FOR-US: cym1102 nginxWebUI
 CVE-2024-3739 (A vulnerability classified as critical was found in cym1102 
nginxWebUI ...)
NOT-FOR-US: cym1102 nginxWebUI
 CVE-2024-3738 (A vulnerability classified as critical has been found in 
cym1102 nginx ...)
@@ -30,7 +30,7 @@ CVE-2024-26817 (In the Linux kernel, the following 
vulnerability has been resolv
 CVE-2024-3027 (The Smart Slider 3 plugin for WordPress is vulnerable to 
unauthorized  ...)
NOT-FOR-US: WordPress plugin
 CVE-2024-32028 (OpenTelemetry dotnet is a dotnet telemetry framework. In 
affected vers ...)
-   TODO: check
+   NOT-FOR-US: OpenTelemetry dotnet
 CVE-2024-32019 (Netdata is an open source observability tool. In affected 
versions the ...)
- netdata  (Vulnerable code not present)
NOTE: 
https://github.com/netdata/netdata/security/advisories/GHSA-pmhq-4cxq-wj93



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/593eb6138a9f208b2c9f973fbacf9e7e68246ddd



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-04-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9759275c by Salvatore Bonaccorso at 2024-04-04T22:21:58+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -53,11 +53,11 @@ CVE-2024-29182 (Collabora Online is a collaborative online 
office suite based on
 CVE-2024-28871 (LibHTP is a security-aware parser for the HTTP protocol and 
the relate ...)
TODO: check
 CVE-2024-28787 (IBM Security Verify Access 10.0.0 through 10.0.7 and IBM 
Application G ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-27575 (Directory Traversal vulnerability in INOTEC Sicherheitstechnik 
GmbH IN ...)
TODO: check
 CVE-2024-27268 (IBM WebSphere Application Server Liberty 18.0.0.2 through 
24.0.0.3 is  ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-25709 (There is a stored Cross-site Scripting vulnerability in Esri 
Portal fo ...)
TODO: check
 CVE-2024-25708 (There is a stored Cross-site Scripting vulnerability in Esri 
Portal fo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9759275ccc80082310ffb67c758ff344191add5c



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1001ce8c by Salvatore Bonaccorso at 2024-03-25T15:39:44+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -7,9 +7,9 @@ CVE-2024-29216 (Exposed IOCTL with insufficient access control 
issue exists in c
 CVE-2024-29194 (OneUptime is a solution for monitoring and managing online 
services. T ...)
NOT-FOR-US: OneUptime
 CVE-2024-29188 (WiX toolset lets developers create installers for Windows 
Installer, t ...)
-   TODO: check
+   NOT-FOR-US: WiX toolset (not same as wixl from src:msitools)
 CVE-2024-29187 (WiX toolset lets developers create installers for Windows 
Installer, t ...)
-   TODO: check
+   NOT-FOR-US: WiX toolset (not same as wixl from src:msitools)
 CVE-2024-29071 (HGW BL1500HM Ver 002.001.013 and earlier contains a use of 
week creden ...)
NOT-FOR-US: HGW BL1500HM
 CVE-2024-29034 (CarrierWave is a solution for file uploads for Rails, Sinatra 
and othe ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1001ce8ce6c1f5873290579ab5bb8c7a2751a79f



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f0cb33cb by Salvatore Bonaccorso at 2024-03-21T21:16:28+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -101,7 +101,7 @@ CVE-2024-27956 (Improper Neutralization of Special Elements 
used in an SQL Comma
 CVE-2024-27683 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a 
stack-based buff ...)
TODO: check
 CVE-2024-27277 (The private key for the IBM Storage Protect Plus Server 10.1.0 
through ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-27190 (Missing Authorization vulnerability in Jean-David Daviet 
Download Medi ...)
TODO: check
 CVE-2024-25935 (Missing Authorization vulnerability in Metagauss 
RegistrationMagic.Thi ...)
@@ -129,7 +129,7 @@ CVE-2023-51141 (An issue in ZKTeko BioTime v.8.5.4 and 
before allows a remote at
 CVE-2023-49837 (Uncontrolled Resource Consumption vulnerability in David 
Artiss Code E ...)
TODO: check
 CVE-2023-47715 (IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could 
allow an  ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-26643 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
- linux 
[buster] - linux  (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0cb33cb7eb9b179fb696c68e81a2c8f75932730



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bf5458b9 by Salvatore Bonaccorso at 2024-03-21T09:36:27+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -47,11 +47,11 @@ CVE-2024-29033 (OAuthenticator provides plugins for 
JupyterHub to use common OAu
 CVE-2024-29032 (Qiskit IBM Runtime is an environment that streamlines quantum 
computat ...)
NOT-FOR-US: IBM
 CVE-2024-29026 (Owncast is an open source, self-hosted, decentralized, single 
user liv ...)
-   TODO: check
+   NOT-FOR-US: Owncast
 CVE-2024-29018 (Moby is an open source container framework that is a key 
component of  ...)
TODO: check
 CVE-2024-28916 (Xbox Gaming Services Elevation of Privilege Vulnerability)
-   TODO: check
+   NOT-FOR-US: Microsoft
 CVE-2024-28835 (A flaw has been discovered in GnuTLS where an application 
crash can be ...)
TODO: check
 CVE-2024-28635 (Cross Site Scripting (XSS) vulnerability in SurveyJS Survey 
Creator v. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf5458b9e10948d434149df4bcc9786fb5edb2d6



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-14 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b076ba37 by Salvatore Bonaccorso at 2024-03-14T21:35:50+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,7 @@
+CVE-2024-1930
+   NOT-FOR-US: dnf5daemon-server
+CVE-2024-1929
+   NOT-FOR-US: dnf5daemon-server
 CVE-2024-2438
REJECTED
 CVE-2024-2437
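Review bot: The two added entries, CVE-2024-1930 and CVE-2024-1929, carry no description text, so "NOT-FOR-US: dnf5daemon-server" is the only information recorded for them. A reference in the commit message or alongside each entry would let someone who only has this file check the product attribution.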



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b076ba37e8f224be6e224960c7c428324680b12d



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
82315a7e by Salvatore Bonaccorso at 2024-03-10T21:24:22+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2024-2355 (A vulnerability has been found in keerti1924 
Secret-Coder-PHP-Project  ...)
-   TODO: check
+   NOT-FOR-US: keerti1924 Secret-Coder-PHP-Project
 CVE-2024-2354 (A vulnerability, which was classified as problematic, was found 
in Dre ...)
-   TODO: check
+   NOT-FOR-US: Dreamer CMS
 CVE-2024-2353 (A vulnerability, which was classified as critical, has been 
found in T ...)
NOT-FOR-US: Totolink
 CVE-2024-2352 (A vulnerability, which was classified as critical, has been 
found in 1 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82315a7e28b28c15b606431bf909fe71a023f769



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-03-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a140735a by Salvatore Bonaccorso at 2024-03-03T20:35:40+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -17,7 +17,7 @@ CVE-2024-24307 (Path Traversal vulnerability in Tunis Soft 
"Product Designer" (p
 CVE-2024-0968 (Cross-site Scripting (XSS) - DOM in GitHub repository 
langchain-ai/cha ...)
NOT-FOR-US: LanChain-ai Langchain
 CVE-2024-0795 (If an attacked was given access to an instance with the admin 
or manag ...)
-   TODO: check
+   NOT-FOR-US: AnythingLLM
 CVE-2024-26621 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
- linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/4ef9ad19e17676b9ef071309bc62020e2373705d (6.8-rc3)
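Review bot: The truncated description of CVE-2024-0795 ("If an attacked was given access to an instance with the admin or manag ...") does not name a product, so the "NOT-FOR-US: AnythingLLM" tag cannot be checked against the visible text; state the source of the attribution in the commit message. Separately, the context line for CVE-2024-0968 reads "NOT-FOR-US: LanChain-ai Langchain" where the description says langchain-ai, and that typo could be fixed in the same pass.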
@@ -590,7 +590,7 @@ CVE-2023-46950 (Cross Site Scripting vulnerability in 
Contribsys Sidekiq v.6.5.8
 CVE-2023-39254 (Dell Update Package (DUP), Versions prior to 4.9.10 contain an 
Uncontr ...)
NOT-FOR-US: Dell
 CVE-2024-2045 (Session version 1.17.5 allows obtaining internal application 
files and ...)
-   TODO: check
+   NOT-FOR-US: Session Android
 CVE-2024-2022 (A vulnerability was found in Netentsec NS-ASG Application 
Security Gat ...)
NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
 CVE-2024-2021 (A vulnerability was found in Netentsec NS-ASG Application 
Security Gat ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a140735aa6c893cf0a6d9f85c42287246df27d40



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-02-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
997a1929 by Salvatore Bonaccorso at 2024-02-21T21:19:44+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -89,7 +89,7 @@ CVE-2023-6533 (Malformed Device Reset Locally Command Class 
packets can be sent
 CVE-2023-50975 (The TD Bank TD Advanced Dashboard client through 3.0.3 for 
macOS allow ...)
TODO: check
 CVE-2023-50955 (IBM InfoSphere Information Server 11.7 could allow an 
authenticated pr ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-49100 (Trusted Firmware-A (TF-A) before 2.10 has a potential read 
out-of-boun ...)
TODO: check
 CVE-2023-47795 (Stored cross-site scripting (XSS) vulnerability in the 
Document and Me ...)
@@ -97,7 +97,7 @@ CVE-2023-47795 (Stored cross-site scripting (XSS) 
vulnerability in the Document
 CVE-2023-46241 (`discourse-microsoft-auth` is a plugin that enables 
authentication via ...)
TODO: check
 CVE-2023-33843 (IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site scr ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-0410
- gitlab 
 CVE-2023-3509



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/997a192908af5823a442fd3d9d711254ffdd4c95



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-02-14 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d332a557 by Salvatore Bonaccorso at 2024-02-14T22:17:20+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -198,7 +198,7 @@ CVE-2023-44294 (In Dell Secure Connect Gateway Application 
and Secure Connect Ga
 CVE-2023-43749
REJECTED
 CVE-2023-42776 (Improper input validation in some Intel(R) SGX DCAP software 
for Windo ...)
-   TODO: check
+   NOT-FOR-US: Intel
 CVE-2023-42775
REJECTED
 CVE-2023-42665
@@ -216,7 +216,7 @@ CVE-2023-41090 (Race condition in some Intel(R) MAS 
software before version 2.3
 CVE-2023-40161 (Improper access control in some Intel Unite(R) Client software 
before  ...)
TODO: check
 CVE-2023-40156 (Uncontrolled search path element in some Intel(R) SSU software 
before  ...)
-   TODO: check
+   NOT-FOR-US: Intel
 CVE-2023-40154 (Incorrect default permissions in the Intel(R) SUR for Gameplay 
Softwar ...)
TODO: check
 CVE-2023-39941 (Improper access control in some Intel(R) SUR software before 
version 2 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d332a55750c008b5f2b8854634c9722620d4b2e1



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-02-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f5d14b57 by Salvatore Bonaccorso at 2024-02-09T08:42:33+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -113123,6 +113123,7 @@ CVE-2022-2233 (The Banner Cycler plugin for WordPress 
is vulnerable to Cross-Sit
NOT-FOR-US: Banner Cycler plugin for WordPress
 CVE-2022-2232
RESERVED
+   NOT-FOR-US: Keycloak
 CVE-2022-2231 (NULL Pointer Dereference in GitHub repository vim/vim prior to 
8.2.)
- vim 2:9.0.0135-1 (unimportant)
NOTE: https://huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5
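Review bot: In this hunk NOT-FOR-US is appended under CVE-2022-2232 while the entry stays RESERVED and has no description, so nothing in the file records why the ID is attributed to Keycloak. A NOTE line with the reference the attribution came from, in the style of the "NOTE: https://huntr.dev/..." line on the vim entry below, would let the next person verify it without redoing the lookup.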
@@ -135911,6 +135912,7 @@ CVE-2022-0932 (Missing Authorization in GitHub 
repository saleor/saleor prior to
NOT-FOR-US: saleor
 CVE-2022-0931
RESERVED
+   NOT-FOR-US: Red Hat 3scale API gateway
 CVE-2022-0930 (File upload filter bypass leading to stored XSS in GitHub 
repository m ...)
NOT-FOR-US: microweber
 CVE-2022-0929 (XSS on dynamic_text module in GitHub repository 
microweber/microweber  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5d14b57efdb9d53ff44f45f9b97ca5617cef534



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-02-07 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
779db563 by Salvatore Bonaccorso at 2024-02-07T09:18:51+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -69,7 +69,7 @@ CVE-2024-22514 (An issue discovered in iSpyConnect.com Agent 
DVR 5.1.6.0 allows
 CVE-2024-22388 (Certain configuration available in the communication channel 
for encod ...)
TODO: check
 CVE-2024-22331 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 
7.1.2.15, ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2024-22241 (Aria Operations for Networks contains a cross site scripting 
vulnerabi ...)
TODO: check
 CVE-2024-22240 (Aria Operations for Networks contains a local file read 
vulnerability. ...)
@@ -159,7 +159,7 @@ CVE-2023-47167 (A post authentication command injection 
vulnerability exists in
 CVE-2023-46683 (A  post authentication command injection vulnerability exists 
when con ...)
TODO: check
 CVE-2023-46183 (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 
through FW ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-45735 (A potential attacker with access to the Westermo Lynx device 
may be ab ...)
TODO: check
 CVE-2023-45227 (An attacker with access to the web application with vulnerable 
softwar ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/779db56330229c473dd2af6472eb2d50e5f09ff0



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-01-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e85f0c94 by Salvatore Bonaccorso at 2024-01-21T16:31:25+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -29,7 +29,7 @@ CVE-2024-23682 (Artemis Java Test Sandbox versions before 
1.8.0 are vulnerable t
 CVE-2024-23681 (Artemis Java Test Sandbox versions before 1.11.2 are 
vulnerable to a s ...)
NOT-FOR-US: Artemis Java Test Sandbox
 CVE-2024-23680 (AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less 
than 1.9. ...)
-   TODO: check
+   NOT-FOR-US: AWS Encryption SDK for Java
 CVE-2024-23679 (Enonic XP versions less than 7.7.4 are vulnerable to a session 
fixatio ...)
NOT-FOR-US: Enonic XP
 CVE-2024-23332 (The Notary Project is a set of specifications and tools 
intended to pr ...)
@@ -83,7 +83,7 @@ CVE-2023-47024 (Cross Site Request Forgery vulnerability in 
NCR Terminal Handler
 CVE-2023-46447 (The POPS! Rebel application 5.0 for Android, in POPS! Rebel 
Bluetooth  ...)
NOT-FOR-US: POPS! Rebel
 CVE-2024-23331 (Vite is a frontend tooling framework for javascript. The Vite 
dev serv ...)
-   TODO: check
+   NOT-FOR-US: Vite
 CVE-2024-23329 (changedetection.io is an open source tool designed to monitor 
websites ...)
NOT-FOR-US: changedetection.io
 CVE-2024-22957 (swftools 0.9.2 was discovered to contain an Out-of-bounds Read 
vulnera ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e85f0c944fb1b2add39e25a52d24475f6e8596a1



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-01-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
639e8ce4 by Salvatore Bonaccorso at 2024-01-06T21:16:25+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-6801 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, 
News & ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-6798 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, 
News & ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2024-21642 (D-Tale is a visualizer for Pandas data structures. Users 
hosting versi ...)
NOT-FOR-US: D-Tale
 CVE-2024-21641 (Flarum is open source discussion platform software. Prior to 
version 1 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/639e8ce442bc7a94976b1e56987c5c0bb4735432



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-01-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fa1e57e7 by Salvatore Bonaccorso at 2024-01-04T19:45:35+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -66,7 +66,7 @@ CVE-2024-21908 (TinyMCE versions before 5.9.0 are affected by 
a stored cross-sit
- tinymce 
NOTE: 
https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg
 CVE-2024-21907 (Newtonsoft.Json before version 13.0.1 is affected by a 
mishandling of  ...)
-   TODO: check
+   NOT-FOR-US: Newtonsoft.Json
 CVE-2024-21633 (Apktool is a tool for reverse engineering Android APK files. 
In versio ...)
- apktool 
NOTE: 
https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w
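Review bot: CVE-2024-21907 is tagged "NOT-FOR-US: Newtonsoft.Json", but Newtonsoft.Json is a library rather than a stand-alone product, and the hunk does not record that Debian source packages were checked for a packaged or embedded copy. If that check was done, a short parenthetical on the tag saying so would document it; the neighbouring tinymce and apktool entries show how a packaged match is tracked instead.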
@@ -149,7 +149,7 @@ CVE-2023-46738 (CubeFS is an open-source cloud-native file 
storage system. A sec
 CVE-2023-45559 (An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to 
send cra ...)
NOT-FOR-US: Tamaki_hamanoki Line
 CVE-2023-39655 (A host header injection vulnerability exists in the NPM 
package @perfo ...)
-   TODO: check
+   NOT-FOR-US: couch-auth Node.js module
 CVE-2023-38678 (OOB access in paddle.modein PaddlePaddle before 2.6.0. This 
flaw can c ...)
NOT-FOR-US: PaddlePaddle
 CVE-2023-38677 (FPE in paddle.linalg.eig in PaddlePaddle before 2.6.0. This 
flaw can c ...)
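Review bot: The tag "couch-auth Node.js module" on CVE-2023-39655 uses a shortened name, whereas the description identifies the affected component as a scoped NPM package ("@perfo ..."). Using the full scoped package name in the NOT-FOR-US line would make the entry findable by a search for the package as published.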



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa1e57e7327f18e8287f0dcc093c848ac3ab557c



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2024-01-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b5fd82fa by Salvatore Bonaccorso at 2024-01-03T11:03:23+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -71,9 +71,9 @@ CVE-2023-50342 (HCL DRYiCE MyXalytics is impacted by an 
Insecure Direct Object R
 CVE-2023-50341 (HCL DRYiCE MyXalytics is impacted by Improper Access Control 
(Obsolete ...)
NOT-FOR-US: HCL
 CVE-2023-50020 (An issue was discovered in open5gs v2.6.6. SIGPIPE can be used 
to cras ...)
-   TODO: check
+   NOT-FOR-US: Open5GS
 CVE-2023-50019 (An issue was discovered in open5gs v2.6.6. InitialUEMessage, 
Registrat ...)
-   TODO: check
+   NOT-FOR-US: Open5GS
 CVE-2023-4164 (There is a possible informationdisclosure due to a missing 
permission  ...)
TODO: check
 CVE-2023-49558 (An issue in YASM 1.3.0.86.g9def allows a remote attacker to 
cause a de ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5fd82fa640e35b53107951c80ec64b310be6f4b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-12-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
109f92b7 by Salvatore Bonaccorso at 2023-12-18T21:25:20+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -67,11 +67,11 @@ CVE-2023-47789 (Cross-Site Request Forgery (CSRF) 
vulnerability in WooCommerce C
 CVE-2023-47787 (Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce 
WooComm ...)
TODO: check
 CVE-2023-47741 (IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web 
browser cl ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-46617 (Cross-Site Request Forgery (CSRF) vulnerability in AdFoxly 
AdFoxly \u2 ...)
TODO: check
 CVE-2023-46177 (IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote 
attacker to t ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-39509 (A command injection vulnerability exists in Bosch IP cameras 
that allo ...)
TODO: check
 CVE-2023-35867 (An improper handling of a malformed API answer packets to API 
clients  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/109f92b73c7a782b30f995134e40d2fe8b76f8d6



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-12-09 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d461a7ac by Salvatore Bonaccorso at 2023-12-09T11:35:42+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -13,9 +13,9 @@ CVE-2023-49799 (`nuxt-api-party` is an open source module to 
proxy API requests.
 CVE-2023-49798 (OpenZeppelin Contracts is a library for smart contract 
development. A  ...)
NOT-FOR-US: OpenZeppelin Contracts
 CVE-2023-49797 (PyInstaller bundles a Python application and all its 
dependencies into ...)
-   TODO: check
+   NOT-FOR-US: PyInstaller
 CVE-2023-48311 (dockerspawner is a tool to spawn JupyterHub single user 
servers in Doc ...)
-   TODO: check
+   NOT-FOR-US: dockerspawner
 CVE-2023-47722 (IBM API Connect V10.0.5.3 and V10.0.6.0 stores user 
credentials in bro ...)
NOT-FOR-US: IBM
 CVE-2023-47465 (An issue in GPAC v.2.2.1 and before allows a local attacker to 
cause a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d461a7ac625442d51d04f15c1ec314befc5a9f9e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-12-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
474e3f17 by Salvatore Bonaccorso at 2023-12-05T07:17:01+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,7 @@
+CVE-2023-4503
+   NOT-FOR-US: Red Hat EAP-Galleon
+CVE-2023-6484
+   NOT-FOR-US: Keycloak
 CVE-2023-6481 (A serialization vulnerability in logback receiver component 
part of  l ...)
- logback  (Incomplte fix not applied)
NOTE: https://logback.qos.ch/news.html#1.3.14
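Review bot: The two entries added at the top, CVE-2023-4503 and CVE-2023-6484, are bare IDs with no description text, so the products named in their NOT-FOR-US lines cannot be checked against anything in the file. Consider adding a NOTE with the source for each. Separately, the context line for CVE-2023-6481 has a typo, "Incomplte fix not applied", that could be corrected to "Incomplete" in a follow-up.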



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/474e3f1772a3e004df5f4b76bca80ff55f35



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-11-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6087b4d1 by Salvatore Bonaccorso at 2023-11-11T08:32:37+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -17,7 +17,7 @@ CVE-2023-47164 (Cross-site scripting vulnerability in 
HOTELDRUID 3.0.5 and earli
 CVE-2023-47129 (Statmic is a core Laravel content management system Composer 
package.  ...)
TODO: check
 CVE-2023-47128 (Piccolo is an object-relational mapping and query builder 
which suppor ...)
-   TODO: check
+   NOT-FOR-US: Piccolo ORM (not the same as src:piccolo)
 CVE-2023-47121 (Discourse is an open source platform for community discussion. 
Prior t ...)
NOT-FOR-US: Discourse
 CVE-2023-47120 (Discourse is an open source platform for community discussion. 
In vers ...)
@@ -25,7 +25,7 @@ CVE-2023-47120 (Discourse is an open source platform for 
community discussion. I
 CVE-2023-47119 (Discourse is an open source platform for community discussion. 
Prior t ...)
NOT-FOR-US: Discourse
 CVE-2023-47108 (OpenTelemetry-Go Contrib is a collection of third-party 
packages for O ...)
-   TODO: check
+   NOT-FOR-US: OpenTelemetry-Go Contrib
 CVE-2023-46735 (Symfony is a PHP framework for web and console applications 
and a set  ...)
- symfony  (Vulnerable code introduced later in v6.3.0)
NOTE: 
https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6087b4d144f0bfe681dd77d576e9de1cc2ae07b0



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-11-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
49ac3735 by Salvatore Bonaccorso at 2023-11-01T16:51:57+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -497443,7 +497443,7 @@ CVE-2015-2970 (index.php in LEMON-S PHP Simple Oekaki 
BBS before 1.21 allows rem
 CVE-2015-2969 (Cross-site scripting (XSS) vulnerability in index.php in 
LEMON-S PHP S ...)
NOT-FOR-US: Oekaki BBS
 CVE-2015-2968 (LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 
are vu ...)
-   TODO: check
+   NOT-FOR-US: LINE apps for Android and iOS
 CVE-2015-2966 (Directory traversal vulnerability in the Droidware UK Explorer+ 
File M ...)
NOT-FOR-US: Droidware UK Explorer+ File Manager application for Android
 CVE-2015-2965 (Directory traversal vulnerability in osCommerce Japanese 
2.2ms1j-R8 an ...)
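Review bot: CVE-2015-2968 is described as affecting "LINE@ for Android ... and LINE@ for iOS", yet it gets the same tag, "LINE apps for Android and iOS", that the next hunk gives CVE-2015-0897 for "LINE for Android ... and LINE for iOS". The shared wording hides that the two descriptions name different apps; a tag such as "LINE@ for Android and iOS" here would keep the distinction.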
@@ -504420,7 +504420,7 @@ CVE-2015-0899 (The MultiPageValidator implementation 
in Apache Struts 1 1.1 thro
 CVE-2015-0898 (futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on 
Windows al ...)
NOT-FOR-US: futomi CGI Cafe MP Form Mail CGI eCommerce
 CVE-2015-0897 (LINE for Android version 5.0.2 and earlier and LINE for iOS 
version 5. ...)
-   TODO: check
+   NOT-FOR-US: LINE apps for Android and iOS
 CVE-2015-0896 (Multiple cross-site scripting (XSS) vulnerabilities in 
eXtplorer befor ...)
{DLA-453-1 DLA-296-1}
- extplorer  (bug #783231)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49ac373566cf7ee4824bb73b16dcf8668cc1



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-10-29 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
72ba6d11 by Salvatore Bonaccorso at 2023-10-29T21:15:47+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2007-10003 (A vulnerability, which was classified as critical, has been 
found in T ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2005-10002 (A vulnerability, which was classified as critical, was found 
in almost ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-5840 (Weak Password Recovery Mechanism for Forgotten Password in 
GitHub repo ...)
NOT-FOR-US: LinkStack
 CVE-2023-5839 (Privilege Chaining in GitHub repository hestiacp/hestiacp prior 
to 1.8 ...)
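Review bot: Both changed entries, CVE-2007-10003 and CVE-2005-10002, get the generic tag "WordPress plugin", and their truncated descriptions ("A vulnerability, which was classified as critical ...") do not name the plugin either, so the file gives no way to tell which component was triaged. Naming the plugin in the tag, as the "NOT-FOR-US: LinkStack" line below names its product, would make the decision auditable.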



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72ba6d11f2f040b990eb8d49101bbbd6ae39dd9d



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-10-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d642379c by Salvatore Bonaccorso at 2023-10-18T12:38:46+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -19,9 +19,9 @@ CVE-2023-45049 (Auth. (contributor+) Stored Cross-Site 
Scripting (XSS) vulnerabi
 CVE-2023-45008 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WPJo ...)
NOT-FOR-US: WordPress plugin
 CVE-2023-42507 (Stack-based buffer overflow vulnerability exists in OnSinView2 
version ...)
-   TODO: check
+   NOT-FOR-US: OnSinView2
 CVE-2023-42506 (Improper restriction of operations within the bounds of a 
memory buffe ...)
-   TODO: check
+   NOT-FOR-US: OnSinView2
 CVE-2023-42319 (Geth (aka go-ethereum) through 1.13.4, when --http --graphql 
is used,  ...)
TODO: check
 CVE-2023-41715 (SonicOS post-authentication Improper Privilege Management 
vulnerabilit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d642379c64f7d1c0ea2b87bf3022d8bfb51cd5c7



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-10-07 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3af1761d by Salvatore Bonaccorso at 2023-10-07T10:22:25+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -91031,7 +91031,7 @@ CVE-2022-34357
 CVE-2022-34356 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a 
non-privileged local ...)
NOT-FOR-US: IBM
 CVE-2022-34355 (IBM Jazz Foundation (IBM Engineering Lifecycle Management 
6.0.6, 6.0.6 ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-34354 (IBM Sterling Partner Engagement Manager 2.0 allows encrypted 
storage o ...)
NOT-FOR-US: IBM
 CVE-2022-34353
@@ -94050,7 +94050,7 @@ CVE-2022-33162
 CVE-2022-33161
RESERVED
 CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected 
cryptogra ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-33159 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores 
user cre ...)
NOT-FOR-US: IBM
 CVE-2022-33158 (Trend Micro VPN Proxy Pro version 5.2.1026 and below contains 
a vulner ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3af1761ded302a7c216500e0f72c1c5918af59ee



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-10-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c96bf0c2 by Salvatore Bonaccorso at 2023-10-06T22:29:20+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -49,7 +49,7 @@ CVE-2023-44146 (Cross-Site Request Forgery (CSRF) 
vulnerability in Checkfront In
 CVE-2023-43810 (OpenTelemetry, also known as OTel for short, is a 
vendor-neutral open- ...)
TODO: check
 CVE-2023-43058 (IBM Robotic Process Automation 23.0.9 is vulnerable to 
privilege escal ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-42445 (Gradle is a build tool with a focus on build automation and 
support fo ...)
TODO: check
 CVE-2023-41950 (Cross-Site Request Forgery (CSRF) vulnerability in Laposta - 
Roel Bous ...)
@@ -77,7 +77,7 @@ CVE-2023-38703 (PJSIP is a free and open source multimedia 
communication library
 CVE-2023-36465 (Decidim is a participatory democracy framework, written in 
Ruby on Rai ...)
TODO: check
 CVE-2023-35897 (IBM Spectrum Protect Client and IBM Storage Protect for 
Virtual Enviro ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-32972 (A buffer copy without checking size of input vulnerability has 
been re ...)
TODO: check
 CVE-2023-32971 (A buffer copy without checking size of input vulnerability has 
been re ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c96bf0c27c5c1a3e2491a8095b179162ff1028a6



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-09-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fa391c52 by Salvatore Bonaccorso at 2023-09-28T22:22:50+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -49,11 +49,11 @@ CVE-2023-43323 (mooSocial 3.1.8 is vulnerable to external 
service interaction on
 CVE-2023-43226 (An arbitrary file upload vulnerability in dede/baidunews.php 
in DedeCM ...)
TODO: check
 CVE-2023-43044 (IBM License Metric Tool 9.2 could allow a remote attacker to 
traverse  ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-41911 (Samsung Mobile Processor Exynos 2200 allows a GPU Double Free 
(issue 1 ...)
TODO: check
 CVE-2023-40375 (Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 
contain ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-40307 (An attacker with standard privileges on macOS when requesting 
administ ...)
TODO: check
 CVE-2023-39195



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa391c527ed045d59dd5854182ff812a8d0e04d0



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-09-07 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cf0aa547 by Salvatore Bonaccorso at 2023-09-07T10:31:22+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,9 @@
 CVE-2023-4815 (Missing Authentication for Critical Function in GitHub 
repository answ ...)
TODO: check
 CVE-2023-4792 (The Duplicate Post Page Menu & Custom Post Type plugin for 
WordPress i ...)
-   TODO: check
+   NOT-FOR-US: Duplicate Post Page Menu & Custom Post Type plugin for 
WordPress
 CVE-2023-4772 (The Newsletter plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-   TODO: check
+   NOT-FOR-US: Newsletter plugin for WordPress
 CVE-2023-41329 (WireMock is a tool for mocking HTTP services. The proxy mode 
of WireMo ...)
TODO: check
 CVE-2023-41327 (WireMock is a tool for mocking HTTP services. WireMock can be 
configur ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0aa547b007113afdbbb8a9df39fe7e54515c04



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-30 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8411e245 by Salvatore Bonaccorso at 2023-08-30T20:35:31+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -27,7 +27,7 @@ CVE-2023-39559 (AudimexEE 15.0 was discovered to contain a 
full path disclosure
 CVE-2023-39558 (AudimexEE v15.0 was discovered to contain multiple reflected 
cross-sit ...)
NOT-FOR-US: AudimexEE
 CVE-2023-38975 (* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a 
remote atta ...)
-   TODO: check
+   NOT-FOR-US: qdrant
 CVE-2023-38971 (Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru 
v.2.9.7 allo ...)
NOT-FOR-US: Badaso
 CVE-2023-32241 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WPDevelo ...)
@@ -70,7 +70,7 @@ CVE-2023-3252 (An arbitrary file write vulnerability exists 
where an authenticat
 CVE-2023-3251 (A pass-back vulnerability exists where an authenticated, remote 
attack ...)
TODO: check
 CVE-2023-39678 (A cross-site scripting (XSS) vulnerability in the device web 
interface ...)
-   TODO: check
+   NOT-FOR-US: BDCOM OLT P3310D-2AC
 CVE-2023-39663 (Mathjax up to v2.7.9 was discovered to contain two Regular 
expression  ...)
TODO: check
 CVE-2023-39616 (AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid 
read mem ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8411e245b40404a35398b177655759cdff29ebd2



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
64687fd8 by Salvatore Bonaccorso at 2023-08-27T17:31:41+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -35,11 +35,11 @@ CVE-2023-40587 (Pyramid is an open source Python web 
framework. A path traversal
NOTE: Underlying issue fixed in Python 3.11 and 3.12.
TODO: check,  claimed to be only affecting >= 2.0
 CVE-2023-40586 (OWASP Coraza WAF is a golang modsecurity compatible web 
application fi ...)
-   TODO: check
+   NOT-FOR-US: OWASP Coraza WAF
 CVE-2023-40585 (ironic-image is a container image to run OpenStack Ironic as 
part of M ...)
TODO: check
 CVE-2023-40583 (libp2p is a networking stack and library modularized out of 
The IPFS P ...)
-   TODO: check
+   NOT-FOR-US: go-libp2p
 CVE-2023-40571 (weblogic-framework is a tool for detecting weblogic 
vulnerabilities. V ...)
TODO: check
 CVE-2023-40166 (Notepad++ is a free and open-source source code editor. 
Versions 8.5.6 ...)
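
Review bot: the two entries marked here, CVE-2023-40586 (OWASP Coraza WAF, a golang project per its description) and CVE-2023-40583 (tagged go-libp2p), are Go code that can be pulled in as a library, so NOT-FOR-US holds only if no golang-* source package in the archive ships or vendors them. Worth confirming that check was made. For CVE-2023-40583 the visible description says only "libp2p", so a short NOTE stating that the issue is specific to the Go implementation would justify the narrower "go-libp2p" tag.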



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64687fd89654dad7b43eb5f0ba22be5e996badf4



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8fb90b5b by Salvatore Bonaccorso at 2023-08-27T14:35:15+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-4556 (A vulnerability was found in SourceCodester Online Graduate 
Tracer Sys ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Online Graduate Tracer System
 CVE-2023-4555 (A vulnerability has been found in SourceCodester Inventory 
Management  ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-4548 (A vulnerability classified as critical has been found in 
SPA-Cart eCom ...)
NOT-FOR-US: SPA-Cart eCommerce CMS
 CVE-2023-4547 (A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It 
has be ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fb90b5bf91813f6174d5312e73846e947fd5b99



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1490561e by Salvatore Bonaccorso at 2023-08-27T08:39:00+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-4548 (A vulnerability classified as critical has been found in 
SPA-Cart eCom ...)
-   TODO: check
+   NOT-FOR-US: SPA-Cart eCommerce CMS
 CVE-2023-4547 (A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It 
has be ...)
-   TODO: check
+   NOT-FOR-US: SPA-Cart eCommerce CMS
 CVE-2023-4546 (A vulnerability was found in Beijing Baichuo Smart S85F 
Management Pla ...)
NOT-FOR-US: Beijing Baichuo Smart S85F Management Plattform
 CVE-2023-4545 (A vulnerability was found in IBOS OA 4.5.5. It has been 
classified as  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1490561e6e1ca51549068ce48818c6f170ad6758



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-24 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
14245744 by Salvatore Bonaccorso at 2023-08-24T23:21:16+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -215334,7 +215334,7 @@ CVE-2020-24115 (In projectworlds Online Book Store 
1.0 Use of Hard-coded Credent
 CVE-2020-24114
RESERVED
 CVE-2020-24113 (Directory Traversal vulnerability in Contacts File Upload 
Interface in ...)
-   TODO: check
+   NOT-FOR-US: Yealink W60B
 CVE-2020-24112
RESERVED
 CVE-2020-24111
@@ -219432,7 +219432,7 @@ CVE-2020-22183
 CVE-2020-22182
RESERVED
 CVE-2020-22181 (A reflected cross site scripting (XSS) vulnerability was 
discovered on ...)
-   TODO: check
+   NOT-FOR-US: Samsung
 CVE-2020-22180
RESERVED
 CVE-2020-22179



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1424574447d1389b72d17703e86bb6e1d94f2437



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-14 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e3159204 by Salvatore Bonaccorso at 2023-08-14T22:23:17+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -37,9 +37,9 @@ CVE-2023-39293 (A Command Injection vulnerability has been 
identified in the MiV
 CVE-2023-39292 (A SQL Injection vulnerability has been identified in the 
MiVoice Offic ...)
TODO: check
 CVE-2023-38741 (IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is 
vulnerable to a d ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-38721 (The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for 
i conta ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-37847 (novel-plus v3.6.2 was discovered to contain a SQL injection 
vulnerabil ...)
TODO: check
 CVE-2023-37070 (Code Projects Hospital Information System 1.0 is vulnerable to 
Cross S ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e31592046077e2077330b9c790066471c50bbf73



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-12 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
313f413d by Salvatore Bonaccorso at 2023-08-12T10:14:41+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-4293 (The Premium Packages - Sell Digital Products Securely plugin 
for WordP ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-3452 (The Canto plugin for WordPress is vulnerable to Remote File 
Inclusion  ...)
-   TODO: check
+   NOT-FOR-US: Canto plugin for WordPress
 CVE-2023-3937 (Cross site scripting vulnerability in web portal in Snow 
Software Lice ...)
NOT-FOR-US: Snow Software
 CVE-2023-3864 (Blind SQL injection in a service running in Snow Software 
license mana ...)
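
Review bot: the two tags in this hunk use different granularity: CVE-2023-4293 gets the generic "NOT-FOR-US: WordPress plugin" while CVE-2023-3452 gets "NOT-FOR-US: Canto plugin for WordPress". The description for CVE-2023-4293 already names the plugin (Premium Packages - Sell Digital Products Securely), so using that name in the tag would keep the two entries consistent and searchable.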



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/313f413d05a4614f32c363282615ebbc599ec2ff



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-11 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
de0e2aa7 by Salvatore Bonaccorso at 2023-08-11T22:46:28+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-3937 (Cross site scripting vulnerability in web portal in Snow 
Software Lice ...)
-   TODO: check
+   NOT-FOR-US: Snow Software
 CVE-2023-3864 (Blind SQL injection in a service running in Snow Software 
license mana ...)
-   TODO: check
+   NOT-FOR-US: Snow Software
 CVE-2023-39949 (eprosima Fast DDS is a C++ implementation of the Data 
Distribution Ser ...)
TODO: check
 CVE-2023-39948 (eprosima Fast DDS is a C++ implementation of the Data 
Distribution Ser ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de0e2aa7f293f6e3ef3e7893bc7d80d37b7abff7



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-08-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8a787916 by Salvatore Bonaccorso at 2023-08-10T10:21:05+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-4277 (The Realia plugin for WordPress is vulnerable to Cross-Site 
Request Fo ...)
-   TODO: check
+   NOT-FOR-US: Realia plugin for WordPress
 CVE-2023-4276 (The Absolute Privacy plugin for WordPress is vulnerable to 
Cross-Site  ...)
-   TODO: check
+   NOT-FOR-US: Absolute Privacy plugin for WordPress
 CVE-2023-36673 (An issue was discovered in Avira Phantom VPN through 2.23.1 
for macOS. ...)
TODO: check
 CVE-2023-36672 (An issue was discovered in the Clario VPN client through 
5.9.1.1662 fo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a787916d9da70327f0b054de8d0ff983fb1ba67



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-07-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d159fc5a by Salvatore Bonaccorso at 2023-07-22T14:39:12+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,5 +1,5 @@
 CVE-2023-3826 (A vulnerability has been found in IBOS OA 4.5.5 and classified 
as crit ...)
-   TODO: check
+   NOT-FOR-US: IBOS OA
 CVE-2023-3776 (A use-after-free vulnerability in the Linux kernel's net/sched: 
cls_fw ...)
- linux 
NOTE: 
https://git.kernel.org/linus/0323bce598eea038714f941ce2b22541c46d488f (6.5-rc2)
@@ -22,7 +22,7 @@ CVE-2023-37917 (KubePi is an opensource kubernetes management 
panel. A normal us
 CVE-2023-37916 (KubePi is an opensource kubernetes management panel. The 
endpoint /kub ...)
TODO: check
 CVE-2023-35077 (An out-of-bounds write vulnerability on windows operating 
systems caus ...)
-   TODO: check
+   NOT-FOR-US: Ivanti
 CVE-2023-3822 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
pimcore/pi ...)
NOT-FOR-US: pimcore
 CVE-2023-3821 (Cross-site Scripting (XSS) - Stored in GitHub repository 
pimcore/pimco ...)
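
Review bot: for CVE-2023-35077 the tag "NOT-FOR-US: Ivanti" names only the vendor, and the visible part of the description ("An out-of-bounds write vulnerability on windows operating systems caus ...") does not name the product either, so the entry as it stands does not say what was judged out of scope. Suggest putting the affected product name in the tag.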



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d159fc5ac09a62bd56f04ca83ddc8400987ba668



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-07-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3296fc06 by Salvatore Bonaccorso at 2023-07-06T21:46:56+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -42,9 +42,9 @@ CVE-2023-36828 (Statamic is a flat-first, Laravel and Git 
powered content manage
 CVE-2023-36827 (Fides is an open-source privacy engineering platform for 
managing the  ...)
TODO: check
 CVE-2023-36822 (Uptime Kuma, a self-hosted monitoring tool, has a path 
traversal vulne ...)
-   TODO: check
+   NOT-FOR-US: Uptime Kuma
 CVE-2023-36821 (Uptime Kuma, a self-hosted monitoring tool, allows an 
authenticated at ...)
-   TODO: check
+   NOT-FOR-US: Uptime Kuma
 CVE-2023-36809 (Kiwi TCMS, an open source test management system allows users 
to uploa ...)
NOT-FOR-US: Kiwi TCMS
 CVE-2023-36808 (GLPI is a free asset and IT management software package. 
Starting in v ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3296fc067506ab2ee95845d8d1b42d680f450b1e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ebe96281 by Salvatore Bonaccorso at 2023-06-26T22:18:40+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -10380,7 +10380,7 @@ CVE-2023-29436 (Auth. (contributor+) Stored Cross-Site 
Scripting (XSS) vulnerabi
 CVE-2023-29435 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
TODO: check
 CVE-2023-29434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Fanc ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-29433
RESERVED
 CVE-2023-29432
@@ -60177,7 +60177,7 @@ CVE-2022-40012
 CVE-2022-40011 (Cross Site Scripting (XSS) vulnerability in typora through 
1.38 allows ...)
NOT-FOR-US: typora
 CVE-2022-40010 (Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi 
was dis ...)
-   TODO: check
+   NOT-FOR-US: Tenda
 CVE-2022-40009 (SWFTools commit 772e55a was discovered to contain a 
heap-use-after-fre ...)
- swftools 
NOTE: https://github.com/matthiaskramm/swftools/issues/190



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebe96281b44bdbe8c0c224c48a62c7d1c2816788



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9b1a71b8 by Salvatore Bonaccorso at 2023-06-25T22:29:33+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,9 @@
 CVE-2023-3396 (A vulnerability was found in Campcodes Retro Cellphone Online 
Store 1. ...)
-   TODO: check
+   NOT-FOR-US: Campcodes Retro Cellphone Online Store
 CVE-2023-36632 (The legacy email.utils.parseaddr function in Python through 
3.11.4 all ...)
TODO: check
 CVE-2023-36630 (In CloudPanel before 2.3.1, insecure file upload leads to 
privilege es ...)
-   TODO: check
+   NOT-FOR-US: CloudPanel
 CVE-2015-20109 (end_pattern (called from internal_fnmatch) in the GNU C 
Library (aka g ...)
TODO: check
 CVE-2023-36612 (Directory traversal can occur in the Basecamp com.basecamp.bc3 
applica ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b1a71b8409bff3d3be89759145ebd34a1ba3f5e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4e979b82 by Salvatore Bonaccorso at 2023-06-22T22:16:05+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -65,7 +65,7 @@ CVE-2023-34796 (Cross site scripting (XSS) vulnerabiliy in 
dmarcts-report-viewer
 CVE-2023-34601 (Jeesite before commit 10742d3 was discovered to contain a SQL 
injectio ...)
TODO: check
 CVE-2023-34368 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Kanb ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-34170 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in WP O ...)
TODO: check
 CVE-2023-34028 (Cross-Site Request Forgery (CSRF) vulnerability in realmag777 
WOLF \u2 ...)
@@ -16302,7 +16302,7 @@ CVE-2023-27620 (Auth. (contributor+) Stored Cross-site 
Scripting (XSS) vulnerabi
 CVE-2023-27619 (Auth (subscriber+) Reflected Cross-Site Scripting (XSS) 
vulnerability  ...)
NOT-FOR-US: WordPress theme
 CVE-2023-27618 (Auth. (editor+) Stored Cross-Site Scripting (XSS) 
vulnerability in AGI ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-27617
RESERVED
 CVE-2023-27616



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e979b829f5d6b5f21f59801eb77e5fe12f44988



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8a0749e6 by Salvatore Bonaccorso at 2023-06-22T12:34:05+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-34614 (An issue was discovered jmarsden/jsonij thru 0.5.2 allows 
attackers to ...)
TODO: check
 CVE-2023-33842 (IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, 
and 18.5 r ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-33405 (Blogengine.net 3.3.8.0 and earlier is vulnerable to Open 
Redirect.)
TODO: check
 CVE-2023-32449 (Dell PowerStore versions prior to 3.5 contain an improper 
verification ...)
@@ -11527,7 +11527,7 @@ CVE-2023-28958
 CVE-2023-28957
RESERVED
 CVE-2023-28956 (IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 
8.1.17.2 ma ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-28955
RESERVED
 CVE-2023-28954



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a0749e64c5804278c4dec5dcebd4a9a5725992d



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e5e494c8 by Salvatore Bonaccorso at 2023-06-21T11:13:27+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-3339 (A vulnerability has been found in code-projects Agro-School 
Management ...)
-   TODO: check
+   NOT-FOR-US: Agro-School Management System
 CVE-2023-34340 (Improper Authentication vulnerability in Apache Software 
Foundation Ap ...)
-   TODO: check
+   NOT-FOR-US: Apache Accumulo
 CVE-2023-3340 (A vulnerability was found in SourceCodester Online School Fees 
System  ...)
NOT-FOR-US: SourceCodester Online School Fees System
 CVE-2023-3337 (A vulnerability was found in PuneethReddyHC Online Shopping 
System Adv ...)
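
Review bot: CVE-2023-34340 is marked "NOT-FOR-US: Apache Accumulo", and unlike the code-projects web application in the other entry, Accumulo is a general-purpose Apache Software Foundation project of the kind distributions do package. Worth confirming it was checked against the archive, including packages that have since been removed, since software that was ever shipped would be tracked under its source package name rather than as NOT-FOR-US.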



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5e494c8d7dd3852ba580627f70973891d6efbee



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b711aa83 by Salvatore Bonaccorso at 2023-06-03T22:16:42+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,11 +1,11 @@
 CVE-2023-3086 (Cross-site Scripting (XSS) - Stored in GitHub repository 
nilsteampassn ...)
- teampass  (bug #730180)
 CVE-2023-3085 (A vulnerability, which was classified as problematic, has been 
found i ...)
-   TODO: check
+   NOT-FOR-US: X-RT luci
 CVE-2023-3084 (Cross-site Scripting (XSS) - Stored in GitHub repository 
nilsteampassn ...)
- teampass  (bug #730180)
 CVE-2023-32582 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Kyle ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-3083 (Cross-site Scripting (XSS) - Stored in GitHub repository 
nilsteampassn ...)
- teampass  (bug #730180)
 CVE-2023-3055 (The Page Builder by AZEXO plugin for WordPress is vulnerable to 
Cross- ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b711aa8380b6d05b3f7501a61cb9fd0c61d1812e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-06-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e7ebf32e by Salvatore Bonaccorso at 2023-06-02T11:31:39+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-3000 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
TODO: check
 CVE-2023-2835 (The WP Directory Kit plugin for WordPress is vulnerable to 
Reflected C ...)
-   TODO: check
+   NOT-FOR-US: WP Directory Kit plugin for WordPress
 CVE-2016-15032 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as 
problema ...)
TODO: check
 CVE-2015-10110 (A vulnerability classified as problematic was found in 
ruddernation Ti ...)
@@ -14259,7 +14259,7 @@ CVE-2023-1161 (ISO 15765 and ISO 10681 dissector crash 
in Wireshark 4.0.0 to 4.0
 CVE-2023-1160 (Use of Platform-Dependent Third Party Components in GitHub 
repository  ...)
NOT-FOR-US: Cockpit Content Platform (different from src:cockpit)
 CVE-2023-1159 (The Bookly plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-   TODO: check
+   NOT-FOR-US: Bookly plugin for WordPress
 CVE-2023-1158 (Hitachi Vantara Pentaho Business Analytics Server versions 
before 9.4. ...)
NOT-FOR-US: Hitachi Vantara Pentaho Business Analytics Server
 CVE-2023-1157 (A vulnerability, which was classified as problematic, was found 
in fin ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ebf32e24833c976e8d320a69c6c70068790dc7



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c4742010 by Salvatore Bonaccorso at 2023-05-18T10:21:52+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -6,11 +6,11 @@ CVE-2023-33203 (The Linux kernel before 6.2.9 has a race 
condition and resultant
[buster] - linux 4.19.282-1
NOTE: 
https://git.kernel.org/linus/6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (6.3-rc4)
 CVE-2023-31729 (TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command 
Injection.)
-   TODO: check
+   NOT-FOR-US: TOTOLINK
 CVE-2023-2780 (Path Traversal: '\..\filename' in GitHub repository 
mlflow/mlflow prio ...)
TODO: check
 CVE-2023-2757 (The Waiting: One-click countdowns plugin for WordPress is 
vulnerable t ...)
-   TODO: check
+   NOT-FOR-US: Waiting: One-click countdowns plugin for WordPress
 CVE-2019-25137 (Umbraco CMS 7.12.4 allows Remote Code Execution by 
authenticated admin ...)
TODO: check
 CVE-2023-32763



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c474201035b1cb168b6231004287c72ca40e5d48



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-17 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f59224e0 by Salvatore Bonaccorso at 2023-05-17T11:40:25+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -15,11 +15,11 @@ CVE-2023-2753 (Cross-site Scripting (XSS) - Stored in 
GitHub repository thorsten
 CVE-2023-2752 (Cross-site Scripting (XSS) - Stored in GitHub repository 
thorsten/phpm ...)
TODO: check
 CVE-2023-2706 (The OTP Login Woocommerce & Gravity Forms plugin for WordPress 
is vuln ...)
-   TODO: check
+   NOT-FOR-US: OTP Login Woocommerce & Gravity Forms plugin for WordPress
 CVE-2023-2608 (The Multiple Page Generator Plugin for WordPress is vulnerable 
to Cros ...)
TODO: check
 CVE-2023-2528 (The Contact Form by Supsystic plugin for WordPress is 
vulnerable to Cr ...)
-   TODO: check
+   NOT-FOR-US: Contact Form by Supsystic plugin for WordPress
 CVE-2023-2509 (A Cross-Site Scripting(XSS) vulnerability was found on ADM, 
LooksGood  ...)
TODO: check
 CVE-2023-2469



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f59224e0f893085c1a866a04b0da0be06c1a74e0



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c74e77ed by Salvatore Bonaccorso at 2023-05-16T21:12:28+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -73,7 +73,7 @@ CVE-2023-32955 (Improper neutralization of special elements 
used in an OS comman
 CVE-2023-32309 (PyMdown Extensions is a set of extensions for the 
`Python-Markdown` ma ...)
TODO: check
 CVE-2023-32308 (anuko timetracker is an open source time tracking system. 
Boolean-base ...)
-   TODO: check
+   NOT-FOR-US: Anuko Time Tracker
 CVE-2023-32068 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
NOT-FOR-US: XWiki
 CVE-2023-2710 (The video carousel slider with lightbox plugin for WordPress is 
vulner ...)
@@ -81,7 +81,7 @@ CVE-2023-2710 (The video carousel slider with lightbox plugin 
for WordPress is v
 CVE-2023-2708 (The Video Gallery plugin for WordPress is vulnerable to 
Reflected Cros ...)
NOT-FOR-US: Video Gallery plugin for WordPress
 CVE-2023-32787 (The OPC UA Legacy Java Stack before 6f176f2 enables an 
attacker to blo ...)
-   TODO: check
+   NOT-FOR-US: OPC UA Legacy Java Stack
 CVE-2023-32314 (vm2 is a sandbox that can run untrusted code with Node's 
built-in modu ...)
NOT-FOR-US: Node vm2
 CVE-2023-32313 (vm2 is a sandbox that can run untrusted code with Node's 
built-in modu ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c74e77ed6c3553bad74952d9adf43cb2664b631b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-12 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f6e96e1f by Salvatore Bonaccorso at 2023-05-12T22:24:15+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -11273,7 +11273,7 @@ CVE-2023-27865
 CVE-2023-27864 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable 
to HTML  ...)
NOT-FOR-US: IBM
 CVE-2023-27863 (IBM Spectrum Protect Plus Server 10.1.13, under specific 
configuration ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-27862
RESERVED
 CVE-2023-27861
@@ -16580,7 +16580,7 @@ CVE-2023-25929
 CVE-2023-25928 (IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site scr ...)
NOT-FOR-US: IBM
 CVE-2023-25927 (IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 
10.0.4, and ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-25926
RESERVED
 CVE-2023-25925



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6e96e1f86a83c57fc689f2c2ffd75dc9d954abf



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-09 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ea818f76 by Salvatore Bonaccorso at 2023-05-09T22:21:38+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -22215,7 +22215,7 @@ CVE-2023-23886
 CVE-2023-23885 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
NOT-FOR-US: WordPress plugin
 CVE-2023-23884 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Kanb ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-23883 (Auth. (admin+) Stored Cross-Site Scripting (XSS) 
vulnerabilityin David ...)
TODO: check
 CVE-2023-23882
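
Review bot: CVE-2023-23883, the context entry right after the change, opens with the same "Auth. (admin+) Stored Cross-Site Scripting (XSS)" wording as CVE-2023-23884 and is left at "TODO: check". If it is from the same family of plugin reports it can be closed in the same pass; if it was skipped because the affected software is unclear, a short NOTE saying so would save the next triager the lookup.
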
@@ -22914,7 +22914,7 @@ CVE-2023-23666
 CVE-2023-23665
RESERVED
 CVE-2023-23664 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-23663
RESERVED
 CVE-2023-23662



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea818f768e252fb3490b7bfdee1472f1266ca45c



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-07 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b5712724 by Salvatore Bonaccorso at 2023-05-07T22:18:29+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,7 +1,7 @@
 CVE-2023-2565 (A vulnerability has been found in SourceCodester Multi Language 
Hotel  ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Multi Language Hotel Management Software
 CVE-2023-2564 (OS Command Injection in GitHub repository sbs20/scanservjs 
prior to v2 ...)
-   TODO: check
+   NOT-FOR-US: scanservjs (SANE scanner nodejs web ui)
 CVE-2023-32290 (The myMail app through 14.30 for iOS sends cleartext 
credentials in a  ...)
NOT-FOR-US: myMail app for iOS
 CVE-2023-2560 (A vulnerability was found in jja8 NewBingGoGo up to 2023.5.5.2. 
It has ...)
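
Review bot: the label for CVE-2023-2564 adds a parenthetical, "scanservjs (SANE scanner nodejs web ui)", where the other NOT-FOR-US lines in this hunk give only the product name ("myMail app for iOS", "SourceCodester Multi Language Hotel Management Software"). Keep it if the intent is to make the entry findable for someone searching for scanner software; otherwise drop the parenthetical so the labels stay uniform.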



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5712724042405443601c198cb16e968346cc829



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
df41dacc by Salvatore Bonaccorso at 2023-05-06T13:52:39+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -34,7 +34,7 @@ CVE-2023-31415 (Kibana version 8.7.0 contains an arbitrary 
code execution flaw.
 CVE-2023-31414 (Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code 
executio ...)
- kibana  (bug #700337)
 CVE-2023-31413 (Filebeat versions through 7.17.9 and 8.6.2 have a flaw in 
httpjson inp ...)
-   TODO: check
+   NOT-FOR-US: Filebeat
 CVE-2023-2535
REJECTED
NOT-FOR-US: KNIME
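
Review bot: CVE-2023-31413 is filed as "NOT-FOR-US: Filebeat" directly below CVE-2023-31414, where kibana is carried as a package entry with bug #700337 rather than as NFU. Worth confirming that no comparable packaging bug exists for Filebeat before closing it this way; if one does, the entry should follow the kibana form instead.
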
@@ -3529,7 +3529,7 @@ CVE-2023-30218
 CVE-2023-30217
RESERVED
 CVE-2023-30216 (Insecure permissions in the updateUserInfo function of 
newbee-mall bef ...)
-   TODO: check
+   NOT-FOR-US: newbee-mall
 CVE-2023-30215
RESERVED
 CVE-2023-30214



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df41daccc4b43784c8e54e0f7afc3bfc82b0353c



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-05-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
09c83aa6 by Salvatore Bonaccorso at 2023-05-04T23:07:53+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -18898,7 +18898,7 @@ CVE-2023-24960 (IBM InfoSphere Information Server 11.7 
could allow a remote atta
 CVE-2023-24959
RESERVED
 CVE-2023-24958 (A vulnerability in the IBM TS7700 Management Interface 
8.51.2.12, 8.52 ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-24957
RESERVED
 CVE-2023-24956 (Forget Heart Message Box v1.1 was discovered to contain a SQL 
injectio ...)
@@ -23406,7 +23406,7 @@ CVE-2023-23472
 CVE-2023-23471
RESERVED
 CVE-2023-23470 (IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated 
privileged a ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-23469 (IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 
18.0.2, 19.0. ...)
NOT-FOR-US: IBM
 CVE-2023-23468



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09c83aa6624bc2e1ab302d17e7c4dbd88efd2385



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-04-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
26b0cc91 by Salvatore Bonaccorso at 2023-04-26T10:26:15+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -49501,7 +49501,7 @@ CVE-2022-41741 (NGINX Open Source before versions 
1.23.2 and 1.22.1, NGINX Open
 CVE-2022-41740 (IBM Robotic Process Automation 20.12 through 21.0.6 could 
allow an att ...)
NOT-FOR-US: IBM
 CVE-2022-41739 (IBM Spectrum Scale (IBM Spectrum Scale Container Native 
Storage Access ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-41738
RESERVED
 CVE-2022-41737
@@ -62862,7 +62862,7 @@ CVE-2022-36771 (IBM QRadar User Behavior Analytics 
could allow an authenticated
 CVE-2022-36770
RESERVED
 CVE-2022-36769 (IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged 
user to up ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-36768 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a 
non-privileged local ...)
NOT-FOR-US: IBM
 CVE-2022-2546 (The All-in-One WP Migration WordPress plugin before 7.63 uses 
the wron ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26b0cc912734077a75336caf6720622914da2338



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-04-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d898e605 by Salvatore Bonaccorso at 2023-04-25T10:26:13+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1630,9 +1630,9 @@ CVE-2023-30630 (Dmidecode before 3.5 allows -dump-bin to 
overwrite a local file.
NOTE: 
https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206
NOTE: 
https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2
 CVE-2023-30629 (Vyper is a Pythonic Smart Contract Language for the ethereum 
virtual m ...)
-   TODO: check
+   NOT-FOR-US: Vyper
 CVE-2023-30628 (Kiwi TCMS is an open source test management system. In 
kiwitcms/Kiwi v ...)
-   TODO: check
+   NOT-FOR-US: Kiwi TCMS
 CVE-2023-30627 (jellyfin-web is the web client for Jellyfin, a free-software 
media sys ...)
TODO: check
 CVE-2023-30626 (Jellyfin is a free-software media system. Versions starting 
with 10.8. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d898e60533d540c6d76355742b344b5517471ff3



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-04-19 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
263122bd by Salvatore Bonaccorso at 2023-04-19T14:08:31+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3420,6 +3420,7 @@ CVE-2023-1945
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-1945
 CVE-2023-1944
RESERVED
+   NOT-FOR-US: minikube
 CVE-2023-1943
RESERVED
 CVE-2015-10099 (A vulnerability classified as critical has been found in CP 
Appointmen ...)
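
Review bot: the added "NOT-FOR-US: minikube" under CVE-2023-1944 sits on an entry that is still RESERVED and has no description, so nothing in the file shows where the minikube attribution comes from. A NOTE line with the source (advisory or upstream issue) would let the next person verify the triage without redoing it; the same applies to CVE-2023-1174 in the following hunk.
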
@@ -9886,6 +9887,7 @@ CVE-2023-22437
RESERVED
 CVE-2023-1174
RESERVED
+   NOT-FOR-US: minikube
 CVE-2023-1173
REJECTED
 CVE-2023-1172 (The Bookly plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/263122bd2117d52f8fc3262d82d394804d567aec



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-04-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c30545da by Salvatore Bonaccorso at 2023-04-18T11:55:46+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -73,9 +73,9 @@ CVE-2023-2122
 CVE-2023-2121
RESERVED
 CVE-2023-2120 (The Thumbnail carousel slider plugin for WordPress is 
vulnerable to Re ...)
-   TODO: check
+   NOT-FOR-US: Thumbnail carousel slider plugin for WordPress
 CVE-2023-2119 (The Responsive Filterable Portfolio plugin for WordPress is 
vulnerable ...)
-   TODO: check
+   NOT-FOR-US: Responsive Filterable Portfolio plugin for WordPress
 CVE-2023-2118
RESERVED
 CVE-2023-2117



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c30545dab6ed7b5158cc695c1aa0c0634eaab230



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-04-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ee87fd23 by Salvatore Bonaccorso at 2023-04-16T14:51:19+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -2,6 +2,7 @@ CVE-2023-30773
RESERVED
 CVE-2023-30771
RESERVED
+   NOT-FOR-US: Apache IoTDB
 CVE-2015-10103
RESERVED
 CVE-2015-10102
@@ -17140,6 +17141,7 @@ CVE-2016-15023 (A vulnerability, which was classified 
as problematic, was found
NOT-FOR-US: SiteFusion
 CVE-2023-24831
RESERVED
+   NOT-FOR-US: Apache IoTDB
 CVE-2023-24828 (Onedev is a self-hosted Git Server with CI/CD and Kanban. In 
versions  ...)
NOT-FOR-US: Onedev
 CVE-2023-24827 (syft is a a CLI tool and Go library for generating a Software 
Bill of  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee87fd23e9b5dce9b6a5cc0bda806d300d727447



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-30 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e78ea0ae by Salvatore Bonaccorso at 2023-03-30T22:18:40+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -15687,7 +15687,7 @@ CVE-2023-23679
 CVE-2023-23678
RESERVED
 CVE-2023-23677 (Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix 
GTmetri ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-23676
RESERVED
 CVE-2023-23675 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Catc ...)
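
Review bot: the new label under CVE-2023-23677 is the generic "NOT-FOR-US: WordPress plugin", while the visible description names only "GTmetrix GTmetri ..." and is cut off before it mentions WordPress. Naming the plugin in the label, as other entries in this file do ("Mega Main Menu plugin for WordPress"), would make the decision checkable from the list alone and easier to grep for.
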
@@ -15701,7 +15701,7 @@ CVE-2023-23672
 CVE-2023-23671
RESERVED
 CVE-2023-23670 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Team  ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-23669
RESERVED
 CVE-2023-23668



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e78ea0ae637009b7fba12fe700dba04996541187



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-29 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b465f724 by Salvatore Bonaccorso at 2023-03-29T22:43:51+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -930,7 +930,7 @@ CVE-2023-1577
 CVE-2023-1576
RESERVED
 CVE-2023-1575 (The Mega Main Menu plugin for WordPress is vulnerable to Stored 
Cross- ...)
-   TODO: check
+   NOT-FOR-US: Mega Main Menu plugin for WordPress
 CVE-2023-1574 (Information disclosure in the user creation feature of a MSSQL 
data so ...)
NOT-FOR-US: Devolutions
 CVE-2023-1573 (A vulnerability was found in DataGear up to 1.11.1 and 
classified as p ...)
@@ -1325,7 +1325,7 @@ CVE-2023-1511
 CVE-2023-1510
RESERVED
 CVE-2023-1509 (The GMAce plugin for WordPress is vulnerable to Cross-Site 
Request For ...)
-   TODO: check
+   NOT-FOR-US: GMAce plugin for WordPress
 CVE-2023-1508
RESERVED
 CVE-2023-1507 (A vulnerability has been found in SourceCodester E-Commerce 
System 1.0 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b465f72495c631dafc6686ccbc82c5f15af8bfe8



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
82ae5927 by Salvatore Bonaccorso at 2023-03-25T21:14:46+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -5590,7 +5590,7 @@ CVE-2023-27044
 CVE-2023-27043
RESERVED
 CVE-2023-27042 (Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via 
/goform/Se ...)
-   TODO: check
+   NOT-FOR-US: Tenda
 CVE-2023-27041 (School Registration and Fee System v1.0 was discovered to 
contain a SQ ...)
NOT-FOR-US: School Registration and Fee System
 CVE-2023-27040 (Simple Image Gallery v1.0 was discovered to contain a remote 
code exec ...)
@@ -78835,7 +78835,7 @@ CVE-2022-28497 (TOTOLink outdoor CPE CP900 
V6.3c.566_B20171026 is discovered to
 CVE-2022-28496 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to 
contain a ...)
NOT-FOR-US: TOTOLINK
 CVE-2022-28495 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered 
to contai ...)
-   TODO: check
+   NOT-FOR-US: TOTOLINK
 CVE-2022-28494 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered 
to contai ...)
NOT-FOR-US: TOTOLINK
 CVE-2022-28493 (A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers 
to start  ...)
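
Review bot: CVE-2022-28495 was left at "TODO: check" between CVE-2022-28496 and CVE-2022-28494, both already "NOT-FOR-US: TOTOLINK" with the same CP900 description, so the earlier pass over this series missed one. The label itself is fine; a grep for remaining "TOTOLink" descriptions still at TODO would close out the rest of the series in one commit.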



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82ae59277b469ac65a78cd04b67e4221ff014737



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
56efda40 by Salvatore Bonaccorso at 2023-03-16T11:11:06+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -53,9 +53,9 @@ CVE-2023-28463
 CVE-2023-28462
RESERVED
 CVE-2023-28461 (Array Networks Array AG Series and vxAG (9.4.0.481 and 
earlier) allow  ...)
-   TODO: check
+   NOT-FOR-US: Array Networks
 CVE-2023-28460 (A command injection vulnerability was discovered in Array 
Networks APV ...)
-   TODO: check
+   NOT-FOR-US: Array Networks
 CVE-2023-28459
RESERVED
 CVE-2023-28458



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56efda40a38456676fa4d4539630028511284edf



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0eccc9a8 by Salvatore Bonaccorso at 2023-03-16T07:46:17+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -11386,6 +11386,7 @@ CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions 
WB10.9a17 and prior use a
NOT-FOR-US: Snap One Wattbox WB-300-IP-3
 CVE-2023-0456
RESERVED
+   NOT-FOR-US: Red Hat 3scale API gateway
 CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository u ...)
NOT-FOR-US: unilogies/bumsys
 CVE-2023-0454 (OrangeScrum version 2.0.11 allows an authenticated external 
attacker t ...)
@@ -14144,6 +14145,7 @@ CVE-2023-0265
RESERVED
 CVE-2023-0264
RESERVED
+   NOT-FOR-US: Keycloak
 CVE-2023-0263 (The WP Yelp Review Slider WordPress plugin before 7.1 does not 
properl ...)
NOT-FOR-US: WordPress plugin
 CVE-2023-0262 (The WP Airbnb Review Slider WordPress plugin before 3.3 does 
not prope ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0eccc9a86c49257e7db04df8af426e43e137c20b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b2ce62e2 by Salvatore Bonaccorso at 2023-03-10T21:12:31+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -211,9 +211,9 @@ CVE-2023-1336
 CVE-2023-1335
RESERVED
 CVE-2023-1334 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is 
vulnera ...)
-   TODO: check
+   NOT-FOR-US: RapidLoad Power-Up for Autoptimize plugin for WordPress
 CVE-2023-1333 (The RapidLoad Power-Up for Autoptimize plugin for WordPress is 
vulnera ...)
-   TODO: check
+   NOT-FOR-US: RapidLoad Power-Up for Autoptimize plugin for WordPress
 CVE-2023-1332
RESERVED
 CVE-2023-1331



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2ce62e2f6daf5acd6346211891f8701d2388ee3



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
81d882bb by Salvatore Bonaccorso at 2023-03-04T15:12:37+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -67,9 +67,9 @@ CVE-2023-27569
 CVE-2023-27568
RESERVED
 CVE-2023-27567 (In OpenBSD 7.2, a TCP packet with destination port 0 that 
matches a pf ...)
-   TODO: check
+   NOT-FOR-US: OpenBSD
 CVE-2023-27566 (Cubism Core in Live2D Cubism Editor 4.2.03 allows 
out-of-bounds write  ...)
-   TODO: check
+   NOT-FOR-US: Live2D Cubism Editor
 CVE-2023-27565
RESERVED
 CVE-2023-27564



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81d882bbc560425c244070416f19ddbb2ce53787



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cd396fdc by Salvatore Bonaccorso at 2023-03-04T09:56:13+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -878,7 +878,7 @@ CVE-2023-1080 (The GN Publisher plugin for WordPress is 
vulnerable to Reflected
 CVE-2023-27291
RESERVED
 CVE-2023-27290 (Docker based datastores for IBM Instana (IBM Observability 
with Instan ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2023-27289
RESERVED
 CVE-2023-27288
@@ -3154,7 +3154,7 @@ CVE-2023-0970
 CVE-2023-0969
RESERVED
 CVE-2023-0968 (The Watu Quiz plugin for WordPress is vulnerable to Reflected 
Cross-Si ...)
-   TODO: check
+   NOT-FOR-US: Watu Quiz plugin for WordPress
 CVE-2023-0967
RESERVED
 CVE-2023-0966 (A vulnerability classified as problematic was found in 
SourceCodester  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd396fdc918d6e34b3f3d494ad8d6ed54a3f51ca



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7e22143f by Salvatore Bonaccorso at 2023-03-02T21:15:07+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -31,7 +31,7 @@ CVE-2023-27522
 CVE-2023-23567
RESERVED
 CVE-2023-1155 (The Cost Calculator plugin for WordPress is vulnerable to 
Stored Cross ...)
-   TODO: check
+   NOT-FOR-US: Cost Calculator plugin for WordPress
 CVE-2023-1154
RESERVED
 CVE-2023-1153
@@ -13770,7 +13770,7 @@ CVE-2023-0087 (The Swifty Page Manager plugin for 
WordPress is vulnerable to Sto
 CVE-2023-0086 (The JetWidgets for Elementor plugin for WordPress is vulnerable 
to Cro ...)
NOT-FOR-US: JetWidgets for Elementor plugin for WordPress
 CVE-2023-0085 (The Metform Elementor Contact Form Builder plugin for WordPress 
is vul ...)
-   TODO: check
+   NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
 CVE-2023-0084
RESERVED
 CVE-2023-0083



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e22143f33b2a3e8e2b0624198447bc60dae8a90



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2ebe468c by Salvatore Bonaccorso at 2023-03-02T09:37:14+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -236060,7 +236060,7 @@ CVE-2020-5028
 CVE-2020-5027
RESERVED
 CVE-2020-5026 (IBM Financial Transaction Manager for Digital Payments for 
Multi-Platf ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2020-5025 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)
NOT-FOR-US: IBM
 CVE-2020-5024 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect 
Server) 9.7, ...)
@@ -236110,7 +236110,7 @@ CVE-2020-5003 (IBM Financial Transaction Manager 
3.2.4 is vulnerable to an XML E
 CVE-2020-5002
RESERVED
 CVE-2020-5001 (IBM Financial Transaction Manager 3.2.0 through 3.2.7 could 
allow a re ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2020-5000 (IBM Financial Transaction Manager 3.2.0 through 3.2.8 is 
vulnerable to ...)
NOT-FOR-US: IBM
 CVE-2020-4999



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ebe468cc76597a84d4a9445d4f4cef059572221



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-03-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5b4ad49c by Salvatore Bonaccorso at 2023-03-02T07:07:13+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -23082,6 +23082,7 @@ CVE-2022-4138 (A Cross Site Request Forgery issue has 
been discovered in GitLab
- gitlab 
 CVE-2022-4137
RESERVED
+   NOT-FOR-US: Keycloak
 CVE-2022-45873 (systemd 250 and 251 allows local users to achieve a 
systemd-coredump d ...)
- systemd 252-1
[bullseye] - systemd  (Vulnerable code introduced later)
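Review bot: the added "NOT-FOR-US: Keycloak" line under CVE-2022-4137 sits on an entry that is still RESERVED and has no description, so nothing in the list backs the attribution to Keycloak. A NOTE line with the reference the product name was taken from would let a later reader verify the decision once the CVE text is published.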
@@ -56304,6 +56305,7 @@ CVE-2022-2238 (A vulnerability was found in the 
search-api container in Red Hat
NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes 2 / 
Stolostron
 CVE-2022-2237
RESERVED
+   NOT-FOR-US: Keycloak
 CVE-2022-2236
RESERVED
 CVE-2022-2235 (Insufficient sanitization in GitLab EE's external issue tracker 
affect ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b4ad49c91f218f6cd122fd506eb7a3ab7331291



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a318bda1 by Salvatore Bonaccorso at 2023-02-25T10:58:40+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,9 @@
 CVE-2023-1031
RESERVED
 CVE-2023-1030 (A vulnerability has been found in SourceCodester Online Boat 
Reservati ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Online BoatReservation System
 CVE-2023-1029 (The WP Meta SEO plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
-   TODO: check
+   NOT-FOR-US: WP Meta SEO plugin for WordPress
 CVE-2023-1028
RESERVED
 CVE-2023-1027
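Review bot: the label added for CVE-2023-1030 reads "SourceCodester Online BoatReservation System", with the space between "Boat" and "Reservation" missing; the CVE description on the line above has "Online Boat Reservati ...". Suggest "NOT-FOR-US: SourceCodester Online Boat Reservation System" so a search for the product name finds the entry.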



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a318bda114529ce675fd1fd1f5b28645fe2b79d1



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-24 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a9551e63 by Salvatore Bonaccorso at 2023-02-24T09:37:16+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -431,7 +431,7 @@ CVE-2023-26328
 CVE-2023-26327
RESERVED
 CVE-2023-26326 (The BuddyForms WordPress plugin, in versions prior to 2.7.8, 
was affec ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2023-26325 (The 'rx_export_review' action in the ReviewX WordPress Plugin 
version  ...)
TODO: check
 CVE-2023-26324
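Review bot: the label added for CVE-2023-26326 is the generic "WordPress plugin", which drops the product name the description gives (BuddyForms). Naming it, for example "NOT-FOR-US: BuddyForms plugin for WordPress", keeps the entry findable by product.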
@@ -6448,7 +6448,7 @@ CVE-2023-24214
 CVE-2023-24213
RESERVED
 CVE-2023-24212 (Tenda AX3 V16.03.12.11 was discovered to contain a stack 
overflow via  ...)
-   TODO: check
+   NOT-FOR-US: Tenda
 CVE-2023-24211
RESERVED
 CVE-2023-24210



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9551e63f55757560b1d8d705bfe5236be796353



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-20 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bf8e04c7 by Salvatore Bonaccorso at 2023-02-20T10:19:37+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -91,9 +91,9 @@ CVE-2023-26057
 CVE-2023-0920
RESERVED
 CVE-2022-48329 (MISP before 2.4.166 unsafely allows users to use the order 
parameter,  ...)
-   TODO: check
+   NOT-FOR-US: MISP
 CVE-2022-48328 (app/Controller/Component/IndexFilterComponent.php in MISP 
before 2.4.1 ...)
-   TODO: check
+   NOT-FOR-US: MISP
 CVE-2021-4325
RESERVED
 CVE-2017-20179



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf8e04c756c1b1760335bd1a3ebd3efd6218



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-07 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c34bb48f by Salvatore Bonaccorso at 2023-02-07T21:46:34+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -8211,7 +8211,7 @@ CVE-2023-22645
 CVE-2023-22644
RESERVED
 CVE-2023-22643 (An Improper Neutralization of Special Elements used in an OS 
Command ( ...)
-   TODO: check
+   NOT-FOR-US: SAP
 CVE-2023-22642
RESERVED
 CVE-2023-22641
@@ -60455,7 +60455,7 @@ CVE-2022-31256 (A Improper Link Resolution Before File 
Access ('Link Following')
 CVE-2022-31255 (An Improper Limitation of a Pathname to a Restricted Directory 
('Path  ...)
NOT-FOR-US: Uyuni
 CVE-2022-31254 (A Incorrect Default Permissions vulnerability in 
rmt-server-regsharing ...)
-   TODO: check
+   NOT-FOR-US: SAP
 CVE-2022-31253 (A Untrusted Search Path vulnerability in openldap2 of openSUSE 
Factory ...)
TODO: check
 CVE-2022-31252 (A Incorrect Authorization vulnerability in chkstat of SUSE 
Linux Enter ...)
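Review bot: the added "NOT-FOR-US: SAP" under CVE-2022-31254 does not match the description on the line above it, which names rmt-server-regsharing; the surrounding entries in this hunk are Uyuni, openSUSE and SUSE, and nothing visible mentions SAP. The label looks carried over from the CVE-2023-22643 change in the first hunk. Please check the product and, if it is not packaged in Debian, use a label that names it.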



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c34bb48f21a8c254a1598b3c6167c3ee3bea4e6b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c5fc4428 by Salvatore Bonaccorso at 2023-02-06T21:35:47+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3144,7 +3144,7 @@ CVE-2023-24278
 CVE-2023-24277
RESERVED
 CVE-2023-24276 (TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to 
contain a co ...)
-   TODO: check
+   NOT-FOR-US: TOTOLINK
 CVE-2023-24275
RESERVED
 CVE-2023-24274
@@ -39718,7 +39718,7 @@ CVE-2022-2935 (The Image Hover Effects Ultimate plugin 
for WordPress is vulnerab
 CVE-2022-2934 (The Beaver Builder  WordPress Page Builder for WordPress 
is vul ...)
NOT-FOR-US: WordPress Page Builder
 CVE-2022-2933 (The 0mk Shortener plugin for WordPress is vulnerable to 
Cross-Site Req ...)
-   TODO: check
+   NOT-FOR-US: 0mk Shortener plugin for WordPress
 CVE-2022-2932 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
bustle/mob ...)
NOT-FOR-US: Mobiledoc Kit
 CVE-2022-2931 (A potential DOS vulnerability was discovered in GitLab CE/EE 
affecting ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5fc4428de2ffc4a2bf1119d94d0300e03cc1bf9



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-02-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a7a0cead by Salvatore Bonaccorso at 2023-02-01T09:21:27+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -361,7 +361,7 @@ CVE-2023-24833
 CVE-2023-24832
RESERVED
 CVE-2023-0587 (A file upload vulnerability in exists in Trend Micro Apex One 
server b ...)
-   TODO: check
+   NOT-FOR-US: Trend Micro
 CVE-2023-0586
RESERVED
 CVE-2023-0585
@@ -18446,7 +18446,7 @@ CVE-2022-45104
 CVE-2022-45103 (Dell Unisphere for PowerMax vApp, VASA Provider vApp, and 
Solution Ena ...)
NOT-FOR-US: Dell
 CVE-2022-45102 (Dell EMC Data Protection Central, versions 19.1 through 19.7, 
contains ...)
-   TODO: check
+   NOT-FOR-US: EMC
 CVE-2022-45101 (Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper 
Handling ...)
TODO: check
 CVE-2022-45100 (Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an 
Improper Cert ...)
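Review bot: the label added for CVE-2022-45102 is "NOT-FOR-US: EMC", while the entry directly above it in this hunk (CVE-2022-45103) uses "NOT-FOR-US: Dell" and the description itself begins "Dell EMC". Using the same vendor label for both keeps the Dell entries grouped under one search term.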



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7a0cead354f0993dcba27b699c629db1e53f102



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e6a2479b by Salvatore Bonaccorso at 2023-01-28T21:16:08+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,9 @@
 CVE-2023-0562
RESERVED
 CVE-2023-0561 (A vulnerability, which was classified as critical, was found in 
Source ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Online Tours & Travels Management System
 CVE-2023-0560 (A vulnerability, which was classified as critical, has been 
found in S ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Online Tours & Travels Management System
 CVE-2016-15022
RESERVED
 CVE-2009-10003



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6a2479bdb964996c96f9b0e21e2e74d2f3c9d22



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9aae9976 by Salvatore Bonaccorso at 2023-01-26T18:25:39+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -2417,9 +2417,9 @@ CVE-2023-23615
 CVE-2023-23614
RESERVED
 CVE-2023-23613 (OpenSearch is an open source distributed and RESTful search 
engine. In ...)
-   TODO: check
+   NOT-FOR-US: OpenSearch
 CVE-2023-23612 (OpenSearch is an open source distributed and RESTful search 
engine. Op ...)
-   TODO: check
+   NOT-FOR-US: OpenSearch
 CVE-2023-23611 (LTI Consumer XBlock implements the consumer side of the LTI 
specificat ...)
NOT-FOR-US: LTI
 CVE-2023-23610 (GLPI is a Free Asset and IT Management Software package. 
Versions prio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9aae9976786b251a91cb703f07131d1601342387



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8920c8cc by Salvatore Bonaccorso at 2023-01-26T07:49:30+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -5135,6 +5135,7 @@ CVE-2023-22737
RESERVED
 CVE-2023-22736
RESERVED
+   NOT-FOR-US: Argo CD
 CVE-2023-22735
RESERVED
 CVE-2023-22734 (Shopware is an open source commerce platform based on Symfony 
Framewor ...)
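Review bot: CVE-2023-22736 is still RESERVED with no description, so the added "NOT-FOR-US: Argo CD" cannot be checked against anything in the list, unlike CVE-2023-22482 in the next hunk, whose description names Argo CD. A NOTE line pointing at the advisory the product was taken from would document the decision.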
@@ -6133,7 +6134,7 @@ CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a 
CommonMark parsing and re
 CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and 
renderin ...)
TODO: check
 CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for 
Kubernet ...)
-   TODO: check
+   NOT-FOR-US: Argo CD
 CVE-2023-22481
RESERVED
 CVE-2023-22480 (KubeOperator is an open source Kubernetes distribution focused 
on help ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8920c8cce59ec01ba78ecaecf9ff3174f904c63a



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-09 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2f69c501 by Salvatore Bonaccorso at 2023-01-09T21:17:35+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -41388,7 +41388,7 @@ CVE-2022-35283 (IBM Security Verify Information Queue 
10.0.2 could allow an auth
 CVE-2022-35282 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable  ...)
NOT-FOR-US: IBM
 CVE-2022-35281 (IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the 
IBM Maxi ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-35280 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does 
not req ...)
NOT-FOR-US: IBM
 CVE-2022-35279 ("IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 
18.0.0.2, 19.0.0 ...)
@@ -80393,7 +80393,7 @@ CVE-2022-22472 (IBM Spectrum Protect Plus Container 
Backup and Restore (10.1.5 t
 CVE-2022-22471
RESERVED
 CVE-2022-22470 (IBM Security Verify Governance 10.0 stores user credentials in 
plain c ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-22469
RESERVED
 CVE-2022-22468



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f69c501cbce691c3b53126a9135a531a2546c2b



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f09028b9 by Salvatore Bonaccorso at 2023-01-02T10:30:38+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -71,7 +71,7 @@ CVE-2022-4869
 CVE-2022-48199
RESERVED
 CVE-2021-4297 (A vulnerability has been found in trampgeek jobe up to 1.6.4 
and class ...)
-   TODO: check
+   NOT-FOR-US: trampgeek jobe
 CVE-2018-25063 (A vulnerability classified as problematic was found in Zenoss 
Dashboar ...)
NOT-FOR-US: Zenoss Dashboard
 CVE-2018-25062 (A vulnerability classified as problematic has been found in 
flar2 Elem ...)
@@ -81,7 +81,7 @@ CVE-2015-10006 (A vulnerability, which was classified as 
problematic, has been f
 CVE-2014-125030 (A vulnerability, which was classified as critical, has been 
found in t ...)
NOT-FOR-US: taoeffect Empress
 CVE-2013-10006 (A vulnerability classified as problematic was found in Ziftr 
primecoin ...)
-   TODO: check
+   NOT-FOR-US: Ziftr primecoin
 CVE-2010-10002 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as 
problema ...)
TODO: check
 CVE-2023-22550



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f09028b9a5a9331c5a4d3c2022828ec1828ee2d7



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2023-01-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a99f561e by Salvatore Bonaccorso at 2023-01-01T10:23:36+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -105,13 +105,13 @@ CVE-2022-48198 (The ntpd_driver component before 1.3.0 
and 2.x before 2.2.0 for
 CVE-2022-48197
RESERVED
 CVE-2018-25061 (A vulnerability was found in rgb2hex up to 0.1.5. It has been 
rated as ...)
-   TODO: check
+   NOT-FOR-US: rgb2hex
 CVE-2017-20160 (A vulnerability was found in flitto express-param up to 0.x. 
It has be ...)
TODO: check
 CVE-2014-125029
RESERVED
 CVE-2014-125028 (A vulnerability was found in valtech IDP Test Client and 
classified as ...)
-   TODO: check
+   NOT-FOR-US: valtech IDP Test Client
 CVE-2022-4868 (Improper Authorization in GitHub repository froxlor/froxlor 
prior to 2 ...)
- froxlor  (bug #581792)
 CVE-2022-4867 (Cross-Site Request Forgery (CSRF) in GitHub repository 
froxlor/froxlor ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a99f561e44156f7ccc70e3241203d31fe56b556e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-12-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a914286f by Salvatore Bonaccorso at 2022-12-23T12:34:04+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -11,7 +11,7 @@ CVE-2022-47930
 CVE-2022-47929
RESERVED
 CVE-2022-47928 (In MISP before 2.4.167, there is XSS in the template file 
uploads in a ...)
-   TODO: check
+   NOT-FOR-US: MISP
 CVE-2022-47927
RESERVED
 CVE-2022-47914
@@ -43907,7 +43907,7 @@ CVE-2022-33326 (Multiple command injection 
vulnerabilities exist in the web_serv
 CVE-2022-33325 (Multiple command injection vulnerabilities exist in the 
web_server aja ...)
NOT-FOR-US: Robustel R1510
 CVE-2022-33324 (Improper Resource Shutdown or Release vulnerability in 
Mitsubishi Elec ...)
-   TODO: check
+   NOT-FOR-US: Mitsubishi
 CVE-2022-33323
RESERVED
 CVE-2022-33322 (Cross-site scripting vulnerability in Mitsubishi Electric 
consumer ele ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a914286fb15befc8967efda3532621fc2095cb4f



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-12-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3551f0f3 by Salvatore Bonaccorso at 2022-12-16T21:15:01+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -21,7 +21,7 @@ CVE-2022-4557
 CVE-2022-4556 (A vulnerability was found in Alinto SOGo up to 5.7.1 and 
classified as ...)
TODO: check
 CVE-2022-4555 (The WP Shamsi plugin for WordPress is vulnerable to 
authorization bypa ...)
-   TODO: check
+   NOT-FOR-US: WP Shamsi plugin for WordPress
 CVE-2022-4554
RESERVED
 CVE-2022-4553
@@ -4400,7 +4400,7 @@ CVE-2022-46111
 CVE-2022-46110
RESERVED
 CVE-2022-46109 (Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via 
function  ...)
-   TODO: check
+   NOT-FOR-US: Tenda
 CVE-2022-46108
RESERVED
 CVE-2022-46107



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3551f0f34e030f4097106e792a77612f285db3ed



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-12-06 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1ffd0da3 by Salvatore Bonaccorso at 2022-12-06T21:17:47+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -10564,7 +10564,7 @@ CVE-2022-43869
 CVE-2022-43868
RESERVED
 CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local 
attacke ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-43866
RESERVED
 CVE-2022-43865
@@ -36168,7 +36168,7 @@ CVE-2022-2191 (In Eclipse Jetty versions 10.0.0 thru 
10.0.9, and 11.0.0 thru 11.
 CVE-2022-34362
RESERVED
 CVE-2022-34361 (IBM Sterling Secure Proxy 6.0.3 uses weaker than expected 
cryptographi ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-34360
RESERVED
 CVE-2022-34359



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ffd0da3c68389246adbf292f54d1bcf6061ff31

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ffd0da3c68389246adbf292f54d1bcf6061ff31
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-12-05 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ebfb10f3 by Salvatore Bonaccorso at 2022-12-05T10:18:26+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -10472,9 +10472,9 @@ CVE-2022-43487 (Cross-site scripting vulnerability in 
Salon booking system versi
 CVE-2022-43484 (TERASOLUNA Global Framework 1.0.0 (Public review version) and 
TERASOLU ...)
TODO: check
 CVE-2022-43470 (Cross-site request forgery (CSRF) vulnerability in +F FS040U 
software  ...)
-   TODO: check
+   NOT-FOR-US: +F software
 CVE-2022-43442 (Plaintext storage of a password vulnerability exists in +F 
FS040U soft ...)
-   TODO: check
+   NOT-FOR-US: +F software
 CVE-2022-42486
RESERVED
 CVE-2022-41994
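Review bot: the label "+F software" added for CVE-2022-43470 and CVE-2022-43442 is vague; both descriptions name the product as "+F FS040U". Suggest "NOT-FOR-US: +F FS040U" so the label identifies the product.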



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfb10f32c45cac6dd66bafd5badc5a9746184de

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfb10f32c45cac6dd66bafd5badc5a9746184de
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-12-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4be48834 by Salvatore Bonaccorso at 2022-12-04T21:16:22+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -32051,9 +32051,9 @@ CVE-2022-35510
 CVE-2022-35509 (An issue was discovered in EyouCMS 1.5.8. There is a Storage 
XSS vulne ...)
NOT-FOR-US: Eyoucms
 CVE-2022-35508 (Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway 
(PMG) are v ...)
-   TODO: check
+   NOT-FOR-US: Proxmox
 CVE-2022-35507 (A response-header CRLF injection vulnerability in the Proxmox 
Virtual  ...)
-   TODO: check
+   NOT-FOR-US: Proxmox
 CVE-2022-35506 (TripleCross v0.1.0 was discovered to contain a stack overflow 
which oc ...)
NOT-FOR-US: TripleCross
 CVE-2022-35505 (A segmentation fault in TripleCross v0.1.0 occurs when sending 
a contr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4be48834d3721ecd1a4925081aca2730af5489b7



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-11-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
baf8b8f4 by Salvatore Bonaccorso at 2022-11-26T09:17:18+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3113,9 +3113,9 @@ CVE-2022-44846
 CVE-2022-44845
RESERVED
 CVE-2022-44844 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to 
contain a com ...)
-   TODO: check
+   NOT-FOR-US: TOTOLINK
 CVE-2022-44843 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to 
contain a com ...)
-   TODO: check
+   NOT-FOR-US: TOTOLINK
 CVE-2022-44842
RESERVED
 CVE-2022-44841
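
Review bot: the added tag is spelled `TOTOLINK`, while the descriptions of CVE-2022-44844 and CVE-2022-44843 in the same hunk spell the vendor `TOTOlink`. The tag is free text, so the casing is harmless on its own, but it should match the spelling that earlier entries for this vendor in data/CVE/list already use, otherwise a case-sensitive search for the tag will miss some of them.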



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/baf8b8f4596e48b6dc5728a38ddbc2a3499cb22d



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-11-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
eb8083b2 by Salvatore Bonaccorso at 2022-11-22T21:19:10+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3037,7 +3037,7 @@ CVE-2022-44739
 CVE-2022-44738
RESERVED
 CVE-2022-44737 (Multiple Cross-Site Request Forgery vulnerabilities in 
All-In-One Secu ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2022-44736 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Cham ...)
NOT-FOR-US: WordPress plugin
 CVE-2022-44735
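
Review bot: `NOT-FOR-US: WordPress plugin` on CVE-2022-44737 does not say which plugin is meant, and the description is cut off at "All-In-One Secu ...", so the entry can only be tied to a product by looking the CVE up elsewhere. It matches the tag on CVE-2022-44736 directly below, so it is consistent with the file; naming the plugin in the tag would make the triage decision easier to audit later.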
@@ -17344,7 +17344,7 @@ CVE-2022-40230 ("IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 
CD, and LTS 9.3 does not
 CVE-2022-40229
RESERVED
 CVE-2022-40228 (IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-40227 (A vulnerability has been identified in SIMATIC HMI Comfort 
Panels (inc ...)
NOT-FOR-US: Siemens
 CVE-2022-40226 (A vulnerability has been identified in SICAM P850 (All 
versions  V ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb8083b2bda17692452143ce239b40488261e8d3



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-11-17 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
77e9353c by Salvatore Bonaccorso at 2022-11-17T21:16:35+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -15199,7 +15199,7 @@ CVE-2022-40753 (IBM InfoSphere Information Server 11.7 
is vulnerable to cross-si
 CVE-2022-40752 (IBM InfoSphere DataStage 11.7 is vulnerable to a command 
injection vul ...)
NOT-FOR-US: IBM
 CVE-2022-40751 (IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 
through 7 ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-40750 (IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to 
cross-s ...)
NOT-FOR-US: IBM
 CVE-2022-40749
@@ -21466,7 +21466,7 @@ CVE-2022-2871 (Cross-site Scripting (XSS) - Stored in 
GitHub repository notrinos
 CVE-2022-38391
RESERVED
 CVE-2022-38390 (Multiple IBM Business Automation Workflow versions are 
vulnerable to c ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-38389
RESERVED
 CVE-2022-38388 (IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could 
allow a loc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77e9353cee48c6a452986a96c702678d2832551e



[Git][security-tracker-team/security-tracker][master] Process two NFUs

2022-11-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2fb292f6 by Salvatore Bonaccorso at 2022-11-16T09:30:49+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -15046,7 +15046,7 @@ CVE-2022-3234 (Heap-based Buffer Overflow in GitHub 
repository vim/vim prior to
 CVE-2022-40754 (In Apache Airflow 2.3.0 through 2.3.4, there was an open 
redirect in t ...)
- airflow  (bug #819700)
 CVE-2022-40753 (IBM InfoSphere Information Server 11.7 is vulnerable to 
cross-site scr ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-40752
RESERVED
 CVE-2022-40751
@@ -21315,7 +21315,7 @@ CVE-2022-38387 (IBM Cloud Pak for Security (CP4S) 
1.10.0.0 through 1.10.2.0 coul
 CVE-2022-38386
RESERVED
 CVE-2022-38385 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 
could allo ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-38384
RESERVED
 CVE-2022-38383
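
Review bot: CVE-2022-38385 is tagged `NOT-FOR-US: IBM` against a description that is truncated at "could allo ...", so the hunk does not show which component of IBM Cloud Pak for Security is affected. For a product bundle it is worth confirming from the full advisory that the flaw is in IBM's own code and not in a bundled open-source component that Debian packages, since in that case the entry would need a package line instead of NOT-FOR-US.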



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2fb292f63e905f933aaa88bc4a5535dd5577471e
