[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 21 12:45:35 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dfe66ac3 by Salvatore Bonaccorso at 2023-04-21T13:45:20+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2023-2207
 CVE-2023-2206
 	RESERVED
 CVE-2023-2205 (A vulnerability was found in Campcodes Retro Basketball Shoes Online S ...)
-	TODO: check
+	NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
 CVE-2023-2204 (A vulnerability was found in Campcodes Retro Basketball Shoes Online S ...)
-	TODO: check
+	NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
 CVE-2023-2203
 	RESERVED
 CVE-2023-2202 (Improper Access Control in GitHub repository francoisjacquet/rosariosi ...)
@@ -454,7 +454,7 @@ CVE-2023-2133 (Out of bounds memory access in Service Worker API in Google Chrom
 CVE-2023-2132
 	RESERVED
 CVE-2023-2131 (Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS co ...)
-	TODO: check
+	NOT-FOR-US: INEA ME RTU firmware
 CVE-2023-2130 (A vulnerability classified as critical has been found in SourceCodeste ...)
 	NOT-FOR-US: SourceCodester Purchase Order Management System
 CVE-2023-30792
@@ -10763,13 +10763,13 @@ CVE-2023-27357
 CVE-2023-27356
 	RESERVED
 CVE-2023-27355 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
-	TODO: check
+	NOT-FOR-US: Sonos One Speaker
 CVE-2023-27354 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
-	TODO: check
+	NOT-FOR-US: Sonos One Speaker
 CVE-2023-27353 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
-	TODO: check
+	NOT-FOR-US: Sonos One Speaker
 CVE-2023-27352 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
-	TODO: check
+	NOT-FOR-US: Sonos One Speaker
 CVE-2023-27351 (This vulnerability allows remote attackers to bypass authentication on ...)
 	NOT-FOR-US: PaperCut
 CVE-2023-27350 (This vulnerability allows remote attackers to bypass authentication on ...)
@@ -11446,7 +11446,7 @@ CVE-2023-27092 (Cross Site Scripting vulnerability found in Jbootfly allows atta
 CVE-2023-27091 (An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows a ...)
 	NOT-FOR-US: XiaoBingby TeaCMS
 CVE-2023-27090 (Cross Site Scripting vulnerability found in TeaCMS storage allows atta ...)
-	TODO: check
+	NOT-FOR-US: TeaCMS
 CVE-2023-27089 (Cross Site Scripting vulnerability found in Ehuacui BBS allows attacke ...)
 	NOT-FOR-US: Ehuacui
 CVE-2023-27088 (feiqu-opensource Background Vertical authorization vulnerability exist ...)
@@ -39015,9 +39015,9 @@ CVE-2023-20867
 CVE-2023-20866 (In Spring Session version 3.0.0, the session id can be logged to the s ...)
 	NOT-FOR-US: Spring Session
 CVE-2023-20865 (VMware Aria Operations for Logs contains a command injection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2023-20864 (VMware Aria Operations for Logs contains a deserialization vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2023-20863 (In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0 ...)
 	- libspring-java <unfixed> (unimportant)
 	NOTE: https://spring.io/security/cve-2023-20863
@@ -135981,7 +135981,7 @@ CVE-2021-36438
 CVE-2021-36437
 	RESERVED
 CVE-2021-36436 (An issue in Mobicint Backend for Credit Unions v3 allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: Mobicint Backend for Credit Unions
 CVE-2021-36435
 	RESERVED
 CVE-2021-36434 (SQL injection vulnerability in jocms 0.8 allows remote attackers to ru ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe66ac380bdd5df6f22123a60c61853e816e305

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe66ac380bdd5df6f22123a60c61853e816e305
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230421/4e259c54/attachment.htm>

More information about the debian-security-tracker-commits mailing list