[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 24 09:41:15 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
099b08da by Salvatore Bonaccorso at 2023-08-24T10:40:49+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,13 +11,13 @@ CVE-2023-4511 (BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19258
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-24.html
CVE-2023-4230 (A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4 ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2023-4229 (A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4 ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2023-4228 (A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4 ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2023-4227 (A vulnerability has been identified in the ioLogik 4000 Series (ioLogi ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2023-4042 (A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostsc ...)
TODO: check
CVE-2023-41126
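Review bot: The four ioLogik entries (CVE-2023-4227 through CVE-2023-4230) are tagged with the vendor only, "NOT-FOR-US: Moxa", while other tags in this commit name the product ("CP-Plus NVR", "ETIC Telecom RAS", "Walchem Intuition 9 firmware"). Consider "NOT-FOR-US: Moxa ioLogik 4000 Series" so that a later search on the product name finds these entries.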
@@ -31,13 +31,13 @@ CVE-2023-41123
CVE-2023-41122
REJECTED
CVE-2023-41028 (A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi route ...)
- TODO: check
+ NOT-FOR-US: Juplink router
CVE-2023-40612 (In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file e ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-40573 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-40572 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-40273 (The session fixation vulnerability allowed the authenticated user to c ...)
TODO: check
CVE-2023-40270
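Review bot: The tag on CVE-2023-40612, "NOT-FOR-US: OpenMNS", repeats the spelling used in the CVE description, but the upstream project is spelled OpenNMS. Suggest "NOT-FOR-US: OpenNMS" so the entry is found when someone searches the list for the real product name.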
@@ -47,19 +47,19 @@ CVE-2023-40185 (shescape is simple shell escape library for JavaScript. This may
CVE-2023-40178 (Node-SAML is a SAML library not dependent on any frameworks that runs ...)
TODO: check
CVE-2023-40177 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-40176 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-40035 (Craft is a CMS for creating custom digital experiences on the web and ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2023-40025 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2023-3705 (The vulnerability exists in CP-Plus NVR due to an improper input handl ...)
- TODO: check
+ NOT-FOR-US: CP-Plus NVR
CVE-2023-3704 (The vulnerability exists in CP-Plus DVR due to an improper input valid ...)
- TODO: check
+ NOT-FOR-US: CP-Plus DVR
CVE-2023-3453 (ETIC Telecom RAS versions 4.7.0 and prior the web management portal au ...)
- TODO: check
+ NOT-FOR-US: ETIC Telecom RAS
CVE-2023-39583
REJECTED
CVE-2023-39441 (Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provide ...)
@@ -67,31 +67,31 @@ CVE-2023-39441 (Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP P
CVE-2023-38831 (RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code ...)
TODO: check
CVE-2023-38422 (Walchem Intuition 9 firmware versions prior to v4.21 are missing authe ...)
- TODO: check
+ NOT-FOR-US: Walchem Intuition 9 firmware
CVE-2023-37379 (Apache Airflow, in versions prior to 2.7.0, contains a security vulner ...)
TODO: check
CVE-2023-36317 (Cross Site Scripting (XSS) vulnerability in sourcecodester Student Stu ...)
- TODO: check
+ NOT-FOR-US: sourcecodester Student Study Center Desk Management System
CVE-2023-32509 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32505 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arsh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32499 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32498 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32497 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32496 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32300 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32202 (Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Walchem Intuition 9 firmware
CVE-2023-32119 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3893
- kubernetes 1.20.5+really1.20.2-1
NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
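Review bot: The nine "NOT-FOR-US: WordPress plugin" tags (CVE-2023-32119 through CVE-2023-32509) do not say which plugin is affected, and the descriptions shown here are cut off before the plugin name is complete, so the entry alone does not identify the software. Consider adding the plugin name to each tag, as is done for "sourcecodester Student Study Center Desk Management System" in the same hunk.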
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/099b08da099d4f0e3b81a408cdd99aa6993fdea4