[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 13 11:21:30 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b80b54e2 by Salvatore Bonaccorso at 2023-07-13T12:21:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2023-3363 (An information disclosure issue in Gitlab CE/EE affecting all ver
 CVE-2023-3362 (An information disclosure issue in GitLab CE/EE affecting all versions ...)
 	TODO: check
 CVE-2023-3343 (The User Registration plugin for WordPress is vulnerable to PHP Object ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3342 (The User Registration plugin for WordPress is vulnerable to arbitrary  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3319 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2023-38199 (coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does n ...)
@@ -41,17 +41,17 @@ CVE-2023-37415 (Improper Input Validation vulnerability in Apache Software Found
 CVE-2023-35694 (In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a pos ...)
 	TODO: check
 CVE-2023-35693 (In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corrupt ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2023-35691 (there is a possible out of bounds read due to a missing bounds check.  ...)
 	TODO: check
 CVE-2023-35069 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2023-34137 (SonicWall GMS and Analytics CAS Web Services application use static va ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2023-34136 (Vulnerability in SonicWall GMS and Analytics allows unauthenticated at ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2023-34135 (Path Traversal vulnerability in SonicWall GMS and Analytics allows a r ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2023-34134 (Exposure of sensitive information to an unauthorized actor vulnerabili ...)
 	TODO: check
 CVE-2023-34133 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -73,11 +73,11 @@ CVE-2023-34126 (Vulnerability in SonicWall GMS and Analytics allows an authentic
 CVE-2023-34125 (Path Traversal vulnerability in GMS and Analytics allows an authentica ...)
 	TODO: check
 CVE-2023-34124 (The authentication mechanism in SonicWall GMS and Analytics Web Servic ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2023-34123 (Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, So ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2023-33274 (The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains  ...)
-	TODO: check
+	NOT-FOR-US: PowerShield SNMP Web Pro
 CVE-2023-2957 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2023-2620 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
@@ -107,21 +107,21 @@ CVE-2023-3106 (A NULL pointer dereference vulnerability was found in netlink_dum
 CVE-2023-38069 (In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be sup ...)
 	TODO: check
 CVE-2023-38068 (In JetBrains YouTrack before 2023.1.16597 captcha was not properly val ...)
-	TODO: check
+	NOT-FOR-US: JetBrains YouTrack
 CVE-2023-38067 (In JetBrains TeamCity before 2023.05.1 build parameters of the "passwo ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38066 (In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer h ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38065 (In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the bu ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38064 (In JetBrains TeamCity before 2023.05.1 build chain parameters of the " ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38063 (In JetBrains TeamCity before 2023.05.1 stored XSS while running custom ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38062 (In JetBrains TeamCity before 2023.05.1 parameters of the "password" ty ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38061 (In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38046 (A vulnerability exists in Palo Alto Networks PAN-OS software that enab ...)
 	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2023-37630 (Online Piggery Management System 1.0 is vulnerable to Cross Site Scrip ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80b54e22f75cb0dcd87c41744c6062029147e9d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80b54e22f75cb0dcd87c41744c6062029147e9d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230713/00dc595e/attachment.htm>

More information about the debian-security-tracker-commits mailing list