[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Feb 9 11:56:27 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f5fd15e by Moritz Muehlenhoff at 2023-02-09T12:54:01+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1156,13 +1156,13 @@ CVE-2023-25170
 CVE-2023-25169
 	RESERVED
 CVE-2023-25168 (Wings is Pterodactyl's server control plane. This vulnerability can be ...)
-	TODO: check
+	NOT-FOR-US: Wings
 CVE-2023-25167 (Discourse is an open source discussion platform. In affected versions  ...)
 	NOT-FOR-US: Discourse
 CVE-2023-25166 (formula is a math and string formula parser. In versions prior to 3.0. ...)
-	TODO: check
+	NOT-FOR-US: @sideway/formula
 CVE-2023-25165 (Helm is a tool that streamlines installing and managing Kubernetes app ...)
-	TODO: check
+	- helm-kubernetes <itp> (bug #910799)
 CVE-2023-25164 (Tinacms is a Git-backed headless content management system with suppor ...)
 	NOT-FOR-US: Tinacms
 CVE-2023-25163 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
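Review bot: The label "Wings" on CVE-2023-25168 is a generic word with no vendor qualifier, although the description on the same entry names the project as Pterodactyl's. Suggest "NOT-FOR-US: Pterodactyl Wings" so the entry can be found and disambiguated when searching the list, in the same way the CVE-2023-25166 line qualifies "formula" as "@sideway/formula".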
@@ -1188,11 +1188,11 @@ CVE-2023-25154
 CVE-2023-25153
 	RESERVED
 CVE-2023-25152 (Wings is Pterodactyl's server control plane. Affected versions are sub ...)
-	TODO: check
+	NOT-FOR-US: Wings
 CVE-2023-25151 (opentelemetry-go-contrib is a collection of extensions for OpenTelemet ...)
-	TODO: check
+	NOT-FOR-US: opentelemetry-go-contrib
 CVE-2023-25150 (Nextcloud office/richdocuments is an office suit for the nextcloud ser ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud office/richdocuments
 CVE-2023-25149
 	RESERVED
 CVE-2023-25148
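Review bot: CVE-2023-25151 is marked NOT-FOR-US for opentelemetry-go-contrib, which the description calls a collection of extensions, that is, library code that other projects pull in. It would be worth confirming that no packaged source embeds a copy of it before closing the entry, and tracking the embedding package instead if one does.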
@@ -6829,7 +6829,7 @@ CVE-2014-125074 (A vulnerability was found in Nayshlok Voyager. It has been decl
 CVE-2013-10010 (A vulnerability classified as problematic has been found in zerochplus ...)
 	NOT-FOR-US: zerochplus
 CVE-2023-23088 (Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1 ...)
-	TODO: check
+	NOT-FOR-US: Barenboim json-parser
 CVE-2023-23087 (An issue was found in MojoJson v1.2.3 allows attackers to execute arbi ...)
 	NOT-FOR-US: MojoJson
 CVE-2023-23086 (Buffer OverFlow Vulnerability in MojoJson v1.2.3 allows an attacker to ...)
@@ -7670,7 +7670,7 @@ CVE-2023-0117
 CVE-2023-0116
 	RESERVED
 CVE-2023-0115 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...)
-	TODO: check
+	REJECTED
 CVE-2022-4881 (A vulnerability was found in CapsAdmin PAC3. It has been rated as prob ...)
 	NOT-FOR-US: CapsAdmin PAC3
 CVE-2021-4309 (A vulnerability, which was classified as problematic, has been found i ...)
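Review bot: The CVE-2023-0115 change to "REJECTED" is not an NFU, and neither is the "helm-kubernetes <itp>" line for CVE-2023-25165 earlier in this patch, so the subject "NFUs" under-describes the commit. The state itself matches the description ("This CVE ID has been rejected or withdrawn"); suggest either a subject that mentions the other states or a separate commit for them, so that history searches for rejected or ITP-tracked entries find this change.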
@@ -9526,7 +9526,7 @@ CVE-2022-48080
 CVE-2022-48079 (Monnai aaPanel host system v1.5 contains an access control issue which ...)
 	NOT-FOR-US: Monnai aaPanel host system
 CVE-2022-48078 (pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered t ...)
-	TODO: check
+	NOT-FOR-US: pycdc
 CVE-2022-48077
 	RESERVED
 CVE-2022-48076
@@ -18700,17 +18700,17 @@ CVE-2022-45498 (An issue in the component tpi_systool_handle(0) (/goform/SysTool
 CVE-2022-45497 (Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection ...)
 	NOT-FOR-US: Tenda
 CVE-2022-45496 (Buffer overflow vulnerability in function json_parse_string in sheredo ...)
-	TODO: check
+	NOT-FOR-US: json.h
 CVE-2022-45495
 	RESERVED
 CVE-2022-45494 (Buffer overflow vulnerability in function json_parse_object in sheredo ...)
-	TODO: check
+	NOT-FOR-US: json.h
 CVE-2022-45493 (Buffer overflow vulnerability in function json_parse_key in sheredom j ...)
-	TODO: check
+	NOT-FOR-US: json.h
 CVE-2022-45492 (Buffer overflow vulnerability in function json_parse_number in sheredo ...)
-	TODO: check
+	NOT-FOR-US: json.h
 CVE-2022-45491 (Buffer overflow vulnerability in function json_parse_value in sheredom ...)
-	TODO: check
+	NOT-FOR-US: json.h
 CVE-2022-45490
 	RESERVED
 CVE-2022-45489
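Review bot: The five entries CVE-2022-45491 through CVE-2022-45496 use the bare label "json.h", which is a common file name and does not identify the project. The descriptions attribute the affected functions to sheredom's code (see "sheredom j ..." on CVE-2022-45493), so "NOT-FOR-US: sheredom json.h" would keep these from being confused with other JSON headers, matching the vendor-plus-product style of "Barenboim json-parser" elsewhere in this patch.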
@@ -19651,7 +19651,7 @@ CVE-2022-45299 (An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.
 CVE-2022-45298
 	RESERVED
 CVE-2022-45297 (EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnera ...)
-	TODO: check
+	NOT-FOR-US: EQ
 CVE-2022-45296
 	RESERVED
 CVE-2022-45295
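Review bot: "NOT-FOR-US: EQ" on CVE-2022-45297 is a two-letter label that cannot be searched for or told apart from other products. The truncated description shown here gives only "EQ v1.5.31 to v2.2.0"; if the full CVE text or its references name a vendor or a longer product name, use that in the label.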



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f5fd15e5fe1d41cef0610fcec6efd559f4f3c19
