[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Dec 20 10:25:31 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e72f9c5 by Moritz Muehlenhoff at 2023-12-20T11:18:30+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-37544
+	NOT-FOR-US: Apache Pulsar
 CVE-2023-6977 (This vulnerability enables malicious users to read sensitive files on  ...)
 	NOT-FOR-US: mlflow
 CVE-2023-6976 (This vulnerability is capable of writing arbitrary files into arbitrar ...)
@@ -73,13 +75,13 @@ CVE-2023-45887 (DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSI
 CVE-2023-45172 (IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user ...)
 	NOT-FOR-US: IBM
 CVE-2023-42940 (A session rendering issue was addressed with improved session tracking ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2023-42013 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7,  ...)
 	NOT-FOR-US: IBM
 CVE-2023-42012 (An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3 ...)
 	NOT-FOR-US: IBM
 CVE-2023-38126 (Softing edgeAggregator Restore Configuration Directory Traversal Remot ...)
-	TODO: check
+	NOT-FOR-US: Softing edgeAggregator
 CVE-2023-37982 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-35883 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in M ...)
@@ -183,7 +185,7 @@ CVE-2023-34382 (Deserialization of Untrusted Data vulnerability in weDevs Dokan
 CVE-2023-34027 (Deserialization of Untrusted Data vulnerability in Rajnish Arora Recen ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 and cla ...)
-	TODO: check
+	NOT-FOR-US: pedroetb tts-api
 CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally signed text ...)
 	- thunderbird 1:115.6.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50762
@@ -46217,7 +46219,7 @@ CVE-2023-27174
 CVE-2023-27173
 	RESERVED
 CVE-2023-27172 (Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT t ...)
-	TODO: check
+	NOT-FOR-US: Xpand IT Write-back manager
 CVE-2023-27171
 	REJECTED
 CVE-2023-27170 (Xpand IT Write-back manager v2.3.1 allows attackers to perform a direc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e72f9c54c6db8e710a8e924d54c96688eb31ee0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e72f9c54c6db8e710a8e924d54c96688eb31ee0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231220/338d2e58/attachment.htm>

More information about the debian-security-tracker-commits mailing list