[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 28 22:19:28 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
863c77b4 by Salvatore Bonaccorso at 2023-04-28T23:18:59+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,121 +1,121 @@
CVE-2023-31470 (SmartDNS through 41 before 56d0332 allows an out-of-bounds write becau ...)
- TODO: check
+ NOT-FOR-US: SmartDNS
CVE-2023-31444 (In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, ...)
- TODO: check
+ NOT-FOR-US: Talend Studio
CVE-2023-2394 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2393 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2392 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2391 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classif ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2390 (A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and cl ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2389 (A vulnerability, which was classified as problematic, was found in Net ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2388 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2387 (A vulnerability classified as problematic was found in Netgear SRX5308 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2386 (A vulnerability classified as problematic has been found in Netgear SR ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2385 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2384 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2383 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has bee ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2382 (A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classif ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2381 (A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and cl ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2380 (A vulnerability, which was classified as problematic, was found in Net ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-2379 (A vulnerability classified as critical has been found in Ubiquiti Edge ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2378 (A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix. ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2377 (A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix. ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2376 (A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix. ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2375 (A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix. ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2374 (A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-ho ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2373 (A vulnerability, which was classified as critical, was found in Ubiqui ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2023-2372 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online DJ Management System
CVE-2023-2371 (A vulnerability classified as critical was found in SourceCodester Onl ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online DJ Management System
CVE-2023-2370 (A vulnerability classified as critical has been found in SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online DJ Management System
CVE-2023-2369 (A vulnerability was found in SourceCodester Faculty Evaluation System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Faculty Evaluation System
CVE-2023-2368 (A vulnerability was found in SourceCodester Faculty Evaluation System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Faculty Evaluation System
CVE-2023-2367 (A vulnerability was found in SourceCodester Faculty Evaluation System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Faculty Evaluation System
CVE-2023-2366 (A vulnerability was found in SourceCodester Faculty Evaluation System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Faculty Evaluation System
CVE-2023-2365 (A vulnerability has been found in SourceCodester Faculty Evaluation Sy ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Faculty Evaluation System
CVE-2023-2364 (A vulnerability, which was classified as problematic, was found in Sou ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Resort Reservation System
CVE-2023-2363 (A vulnerability, which was classified as critical, has been found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Resort Reservation System
CVE-2023-2361 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2360 (Sensitive information disclosure due to CORS misconfiguration. The fol ...)
TODO: check
CVE-2023-2356 (Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2. ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-2355 (Local privilege escalation due to a DLL hijacking vulnerability. The f ...)
- TODO: check
+ NOT-FOR-US: Acronis Snap Deploy (Windows)
CVE-2023-2350 (A vulnerability classified as problematic was found in SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2349 (A vulnerability classified as problematic has been found in SourceCode ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2348 (A vulnerability was found in SourceCodester Service Provider Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2347 (A vulnerability was found in SourceCodester Service Provider Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2346 (A vulnerability was found in SourceCodester Service Provider Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2345 (A vulnerability was found in SourceCodester Service Provider Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2344 (A vulnerability has been found in SourceCodester Service Provider Mana ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Service Provider Management System
CVE-2023-2343 (Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2342 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2341 (Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimc ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2340 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2339 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2338 (SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2336 (Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21.)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2335 (Plaintext Password in Registry vulnerability in 42gears surelock win ...)
TODO: check
CVE-2023-2331 (Unquoted service Path or Element vulnerability in 42Gears Surelock Win ...)
- TODO: check
+ NOT-FOR-US: 42Gears
CVE-2023-2328 (Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimc ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2327 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2323 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2322 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-48481 (In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was po ...)
- TODO: check
+ NOT-FOR-US: JetBrains Toolbox App
CVE-2023-XXXX [RUSTSEC-2023-0035: enumflags2: Adverserial use of make_bitflags! macro can cause undefined behavior]
- rust-enumflags2 <not-affected> (Introduced in 0.7.0)
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0035.html
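Review bot: CVE-2023-2335 ("Plaintext Password in Registry vulnerability in 42gears surelock win ...") is left at TODO: check, while the very next entry, CVE-2023-2331, is marked NOT-FOR-US: 42Gears for what appears from the truncated descriptions to be the same Surelock product. Unless it was held back on purpose, give CVE-2023-2335 the same NOT-FOR-US: 42Gears tag in this commit. CVE-2023-2360 is likewise still TODO: check between the pimcore and mlflow entries. As a style point, the NFU labels vary in granularity: vendor only for Netgear and Ubiquiti, vendor plus product for the SourceCodester entries, and a platform suffix in "Acronis Snap Deploy (Windows)". A consistent form makes later searches over data/CVE/list more reliable.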
@@ -1337,7 +1337,7 @@ CVE-2023-30856 (eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 a
CVE-2023-30855
RESERVED
CVE-2023-30854 (AVideo is an open source video platform. Prior to version 12.4, an OS ...)
- TODO: check
+ NOT-FOR-US: AVideo
CVE-2023-30853 (Gradle Build Action allows users to execute a Gradle Build in their Gi ...)
TODO: check
CVE-2023-30852 (Pimcore is an open source data and experience management platform. Pri ...)
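Review bot: CVE-2023-30853 (Gradle Build Action) in the context directly below the AVideo change is still TODO: check. If it was deliberately left for a later triage pass that is fine; otherwise it can be resolved in the same commit so the block around CVE-2023-30854 does not need a second visit.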
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/863c77b4f0753e8dcfab35dd5025b730b5995862