[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 22 21:32:42 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02e60846 by Salvatore Bonaccorso at 2023-08-22T22:28:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2023-4475 (An Arbitrary File Movement vulnerability was found in ASUSTOR Data Mas ...)
-	TODO: check
+	NOT-FOR-US: ASUSTOR
 CVE-2023-4303 (Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error m ...)
-	TODO: check
+	NOT-FOR-US: Jenkins Fortify Plugin
 CVE-2023-4212 (A command injection vulnerability exists in Trane XL824, XL850, XL1050 ...)
-	TODO: check
+	NOT-FOR-US: Trane and Pivot thermostats
 CVE-2023-3699 (An Improper Privilege Management vulnerability was found in ASUSTOR Da ...)
-	TODO: check
+	NOT-FOR-US: ASUSTOR
 CVE-2023-39599 (Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows att ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2023-39141 (webui-aria2 commit 4fe2e was discovered to contain a path traversal vu ...)
 	TODO: check
 CVE-2023-38996 (An issue in all versions of Douran DSGate allows a local authenticated ...)
-	TODO: check
+	NOT-FOR-US: Douran DSGate
 CVE-2023-38909 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Applic ...)
-	TODO: check
+	NOT-FOR-US: TPLink
 CVE-2023-38908 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Applic ...)
-	TODO: check
+	NOT-FOR-US: TPLink
 CVE-2023-38906 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Applic ...)
-	TODO: check
+	NOT-FOR-US: TPLink
 CVE-2023-38732 (IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allo ...)
 	NOT-FOR-US: IBM
 CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ...)
@@ -25,53 +25,53 @@ CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows attac
 CVE-2023-38667 (Stack-based buffer over-read in function disasm in nasm 2.16 allows at ...)
 	TODO: check
 CVE-2023-38666 (Bento4 v1.6.0-639 was discovered to contain a segmentation violation v ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2023-38665 (Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows att ...)
 	TODO: check
 CVE-2023-37440 (A vulnerability in the web-based management interfaceof EdgeConnect SD ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37439 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37438 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37437 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37436 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37435 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37434 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37433 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37432 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37431 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37430 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37429 (Multiple vulnerabilities in the web-based managementinterface of EdgeC ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37428 (A vulnerability in the EdgeConnect SD-WAN Orchestratorweb-based manage ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37427 (A vulnerability in the web-based management interface ofEdgeConnect SD ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37426 (EdgeConnect SD-WAN Orchestrator instances prior to theversions resolve ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37425 (A vulnerability in the web-based management interfaceof EdgeConnect SD ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37424 (A vulnerability in the web-based management interfaceof EdgeConnect SD ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37423 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37422 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-37421 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-36281 (An issue in langchain v.0.0.171 allows a remote attacker to execute ar ...)
 	TODO: check
 CVE-2023-34853 (Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b ...)
-	TODO: check
+	NOT-FOR-US: Supermicro motherboard X12DPG-QR
 CVE-2022-48571 (memcached 1.6.7 allows a Denial of Service via multi-packet uploads in ...)
 	TODO: check
 CVE-2022-48570 (Crypto++ through 8.4 contains a timing side channel in ECDSA signature ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e60846978dc2ab65dd673eef8a9d43c601cbcf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e60846978dc2ab65dd673eef8a9d43c601cbcf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230822/6bf0c174/attachment.htm>

More information about the debian-security-tracker-commits mailing list