[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 17 21:21:30 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
505adad3 by Salvatore Bonaccorso at 2023-04-17T22:21:01+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85,9 +85,9 @@ CVE-2023-30773
 CVE-2023-30771 (Incorrect Authorization vulnerability in Apache Software Foundation Ap ...)
 	NOT-FOR-US: Apache IoTDB
 CVE-2015-10103 (A vulnerability, which was classified as problematic, was found in Int ...)
-	TODO: check
+	NOT-FOR-US: InternalError503 Forget It
 CVE-2015-10102 (A vulnerability, which was classified as critical, has been found in F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2015-10101 (A vulnerability classified as problematic was found in Google Analytic ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2107 (A vulnerability, which was classified as critical, was found in IBOS 4 ...)
@@ -705,7 +705,7 @@ CVE-2023-2019
 CVE-2023-2018
 	RESERVED
 CVE-2023-2017 (Server-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0,  ...)
-	TODO: check
+	NOT-FOR-US: Shopware
 CVE-2023-2016
 	RESERVED
 CVE-2023-2015
@@ -2736,7 +2736,7 @@ CVE-2023-29667
 CVE-2023-29666
 	RESERVED
 CVE-2023-29665 (D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow vi ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-29664
 	RESERVED
 CVE-2023-29663
@@ -3642,7 +3642,7 @@ CVE-2023-1875
 CVE-2023-1874 (The WP Data Access plugin for WordPress is vulnerable to privilege esc ...)
 	NOT-FOR-US: WP Data Access plugin for WordPress
 CVE-2023-1873 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Faturamatik Bircard
 CVE-2023-1872 (A use-after-free vulnerability in the Linux Kernel io_uring system can ...)
 	- linux 5.17.3-1
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
@@ -4710,7 +4710,7 @@ CVE-2023-1725 (Server-Side Request Forgery (SSRF) vulnerability in Infoline Proj
 CVE-2023-1724
 	RESERVED
 CVE-2023-1723 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Veragroup Mobile Assistant
 CVE-2023-1722
 	RESERVED
 CVE-2023-1721
@@ -8947,7 +8947,7 @@ CVE-2023-27846
 CVE-2023-27845
 	RESERVED
 CVE-2023-27844 (SQL injection vulnerability found in PrestaShopleurlrewrite v.1.0 and  ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2023-27843
 	RESERVED
 CVE-2023-27842 (Insecure Permissions vulnerability found in Extplorer File manager eXt ...)
@@ -9190,7 +9190,7 @@ CVE-2023-27735
 CVE-2023-27734 (An issue found in Eteran edb-debugger v.1.3.0 allows a local attacker  ...)
 	NOT-FOR-US: Eteran edb-debugger
 CVE-2023-27733 (DedeCMS v5.7.106 was discovered to contain a SQL injection vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2023-27732
 	RESERVED
 CVE-2023-27731
@@ -10220,7 +10220,7 @@ CVE-2023-22658
 CVE-2023-22435
 	RESERVED
 CVE-2023-1109 (In Phoenix Contacts ENERGY AXC PU Web service an authenticated restric ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contacts ENERGY AXC PU Web service
 CVE-2023-1108
 	RESERVED
 	- undertow <unfixed> (bug #1033253)
@@ -15480,7 +15480,7 @@ CVE-2023-25506
 CVE-2023-25505
 	RESERVED
 CVE-2023-25504 (A malicious actor who has been authenticated and granted specific perm ...)
-	TODO: check
+	NOT-FOR-US: Apache Superset
 CVE-2023-25503
 	RESERVED
 CVE-2023-25502
@@ -37026,7 +37026,7 @@ CVE-2022-44728
 CVE-2022-44727 (The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for Pres ...)
 	NOT-FOR-US: PrestaShop module
 CVE-2022-44726 (The TouchDown Timesheet tracking component 4.1.4 for Jira allows XSS i ...)
-	TODO: check
+	NOT-FOR-US: TouchDown Timesheet tracking component for Jira
 CVE-2022-44725 (OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses  ...)
 	NOT-FOR-US: OPC Foundation Local Discovery Server (LDS)
 CVE-2022-44724 (The Handy Tip macro in Stiltsoft Handy Macros for Confluence Server/Da ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505adad3c8d18ef1e46eab9803cd2d3c4f92307e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505adad3c8d18ef1e46eab9803cd2d3c4f92307e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230417/e39012d3/attachment.htm>

More information about the debian-security-tracker-commits mailing list