[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 9 09:21:53 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19b1370d by Moritz Muehlenhoff at 2023-08-09T10:21:33+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,59 +1,59 @@
 CVE-2023-4243 (The FULL - Customer plugin for WordPress is vulnerable to Arbitrary Fi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4242 (The FULL - Customer plugin for WordPress is vulnerable to Information  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4239 (The Real Estate Manager plugin for WordPress is vulnerable to privileg ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3632 (Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Educati ...)
-	TODO: check
+	NOT-FOR-US: Sifir Bes Education and Informatics Kunduz Homework Helper App
 CVE-2023-39951 (OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrum ...)
 	TODO: check
 CVE-2023-39910 (The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin ...)
-	TODO: check
+	NOT-FOR-US: Libbitcoin Explorer
 CVE-2023-39341 ("FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM pro ...)
-	TODO: check
+	NOT-FOR-US: FFRI yarai
 CVE-2023-39214 (Exposure of sensitive information in Zoom Client SDK's before 5.15.5 m ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-39213 (Improper neutralization of special elements in Zoom Desktop Client for ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-39212 (Untrusted search path in Zoom Rooms for Windows before version 5.15.5  ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-39211 (Improper privilege management in Zoom Desktop Client for Windows and Z ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-39210 (Cleartext storage of sensitive information in Zoom Client SDK for Wind ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-39209 (Improper input validation in Zoom Desktop Client for Windows before 5. ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-38752 (Improper authorization vulnerability in Special Interest Group Network ...)
-	TODO: check
+	NOT-FOR-US: Special Interest Group Network for Analysis and Liaison
 CVE-2023-38751 (Improper authorization vulnerability in Special Interest Group Network ...)
-	TODO: check
+	NOT-FOR-US: Special Interest Group Network for Analysis and Liaison
 CVE-2023-38209 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-38208 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-38207 (Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-37864 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37863 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37862 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37861 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37860 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37859 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37858 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37857 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37856 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-37855 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2023-33934 (Improper Input Validation vulnerability in Apache Software Foundation  ...)
 	TODO: check
 CVE-2023-2905 (Due to a failure in validating the length of a provided MQTT_CMD_PUBLI ...)
@@ -68,7 +68,7 @@ CVE-2023-4203 (Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are a
 CVE-2023-4202 (Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affect ...)
 	NOT-FOR-US: Advantech
 CVE-2023-4009 (In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 i ...)
-	TODO: check
+	NOT-FOR-US: MongoDB Ops Manager
 CVE-2023-40042 (TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow  ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2023-40041 (TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19b1370dc75ad9c266124501c0f53ae62197972d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19b1370dc75ad9c266124501c0f53ae62197972d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230809/01e970a7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list