[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 5 21:25:36 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1bf24e3f by Salvatore Bonaccorso at 2023-07-05T22:25:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2023-3515 (Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.)
 	- gitea <removed>
 CVE-2023-3455 (Key management vulnerability on system. Successful exploitation of thi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-3336 (TN-5900 Series version 3.3 and prior versions is vulnearble to user en ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-3089 (A compliance problem was found in the Red Hat OpenShift Container Plat ...)
-	TODO: check
+	NOT-FOR-US: Red Hat OpenShift Container Platform
 CVE-2023-36934 (In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0 ...)
-	TODO: check
+	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2023-36933 (In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7 ...)
-	TODO: check
+	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2023-36932 (In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0 ...)
-	TODO: check
+	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2023-36665 (protobuf.js (aka protobufjs) 6.10.0 through 7.x before 7.2.4 allows Pr ...)
 	TODO: check
 CVE-2023-36624 (Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated o ...)
-	TODO: check
+	NOT-FOR-US: Loxone Miniserver Go
 CVE-2023-36623 (The root password of the Loxone Miniserver Go Gen.2 before 14.2 is cal ...)
-	TODO: check
+	NOT-FOR-US: Loxone Miniserver Go
 CVE-2023-36622 (The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 ...)
-	TODO: check
+	NOT-FOR-US: Loxone Miniserver Go
 CVE-2023-35979 (There is an unauthenticated buffer overflow vulnerabilityin the proces ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35978 (A vulnerability in ArubaOS could allow an unauthenticatedremote attack ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35977 (Vulnerabilities exist which allow an authenticated attackerto access s ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35976 (Vulnerabilities exist which allow an authenticated attackerto access s ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35975 (An authenticated path traversal vulnerability exists in theArubaOS com ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35974 (Authenticated command injection vulnerabilities exist inthe ArubaOS co ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35973 (Authenticated command injection vulnerabilities exist inthe ArubaOS co ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35972 (An authenticated remote command injection vulnerabilityexists in the A ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35971 (A vulnerability in the ArubaOS web-based management interface could al ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-35924 (GLPI is a free asset and IT management software package. Starting in v ...)
 	TODO: check
 CVE-2023-35863 (In MADEFORNET HTTP Debugger through 9.12, the Windows service does not ...)
-	TODO: check
+	NOT-FOR-US: MADEFORNET HTTP Debugger
 CVE-2023-34654 (taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS).)
-	TODO: check
+	NOT-FOR-US: Taocms
 CVE-2023-34473 (AMI SPx contains a vulnerability in the BMC where a valid user may cau ...)
-	TODO: check
+	NOT-FOR-US: AMI SPx
 CVE-2023-34472 (AMI SPx contains a vulnerability in the BMC where an Attacker may caus ...)
-	TODO: check
+	NOT-FOR-US: AMI SPx
 CVE-2023-34471 (AMI SPx contains a vulnerability in the BMC where a user may cause a m ...)
-	TODO: check
+	NOT-FOR-US: AMI SPx
 CVE-2023-34457 (MechanicalSoup is a Python library for automating interaction with web ...)
 	TODO: check
 CVE-2023-34338 (AMI SPx contains a vulnerability in the BMC where an Attacker may caus ...)
-	TODO: check
+	NOT-FOR-US: AMI SPx
 CVE-2023-34337 (AMI SPx contains a vulnerability in the BMC where a user may cause an  ...)
-	TODO: check
+	NOT-FOR-US: AMI SPx
 CVE-2023-34244 (GLPI is a free asset and IT management software package. Starting in v ...)
 	TODO: check
 CVE-2023-34107 (GLPI is a free asset and IT management software package. Versions of t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bf24e3fb2c438db313fea4209e659b2da90dcf4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bf24e3fb2c438db313fea4209e659b2da90dcf4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230705/2f984070/attachment.htm>

More information about the debian-security-tracker-commits mailing list