[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Apr 6 16:45:28 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a2de236c by Moritz Mühlenhoff at 2023-04-06T17:44:58+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -226,7 +226,7 @@ CVE-2023-29376
CVE-2023-29375
RESERVED
CVE-2023-29374 (In LangChain through 0.0.131, the LLMMathChain chain allows prompt inj ...)
- TODO: check
+ NOT-FOR-US: LangChain
CVE-2023-29373
RESERVED
CVE-2023-29372
@@ -823,7 +823,7 @@ CVE-2023-24591
CVE-2023-1789 (Improper Input Validation in GitHub repository firefly-iii/firefly-iii ...)
NOT-FOR-US: firefly-iii
CVE-2023-1788 (Insufficient Session Expiration in GitHub repository firefly-iii/firef ...)
- TODO: check
+ NOT-FOR-US: firefly-iii
CVE-2023-1787 (An issue has been discovered in GitLab affecting all versions starting ...)
TODO: check
CVE-2023-1786
@@ -1075,11 +1075,11 @@ CVE-2023-1760 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten
CVE-2023-1759 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
NOT-FOR-US: phpmyfaq
CVE-2023-1758 (Failure to Sanitize Special Elements into a Different Plane (Special E ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1757 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1756 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
- TODO: check
+ NOT-FOR-US: phpmyfaq
CVE-2023-1755 (Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/php ...)
NOT-FOR-US: phpmyfaq
CVE-2023-1754 (Improper Input Validation in GitHub repository thorsten/phpmyfaq prior ...)
@@ -1281,13 +1281,13 @@ CVE-2023-29008
CVE-2023-29007
RESERVED
CVE-2023-29006 (The Order GLPI plugin allows users to manage order management within G ...)
- TODO: check
+ NOT-FOR-US: GLPI plugin
CVE-2023-29005
RESERVED
CVE-2023-29004
RESERVED
CVE-2023-29003 (SvelteKit is a web development framework. The SvelteKit framework offe ...)
- TODO: check
+ NOT-FOR-US: SvelteKit
CVE-2023-29002
RESERVED
CVE-2023-29001
@@ -1838,11 +1838,11 @@ CVE-2023-28857
CVE-2023-28856
RESERVED
CVE-2023-28855 (Fields is a GLPI plugin that allows users to add custom fields on GLPI ...)
- TODO: check
+ NOT-FOR-US: GLPI plugin
CVE-2023-28854 (nophp is a PHP web framework. Prior to version 0.0.1, nophp is vulnera ...)
NOT-FOR-US: nophp
CVE-2023-28853 (Mastodon is a free, open-source social network server based on Activit ...)
- TODO: check
+ - mastodon <itp> (bug #859741)
CVE-2023-28852 (GLPI is a free asset and IT management software package. Starting in v ...)
TODO: check
CVE-2023-28851 (Silverstripe Form Capture provides a method to capture simple silverst ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2de236c65c7cf481f5da63a9bd1f690919747d2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2de236c65c7cf481f5da63a9bd1f690919747d2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230406/7f59e5f5/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list