[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30dc7bc1 by Moritz Muehlenhoff at 2023-07-23T10:36:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2023-3848 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3847 (A vulnerability classified as problematic was found in mooSocial mooDa ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3846 (A vulnerability classified as problematic has been found in mooSocial  ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3845 (A vulnerability was found in mooSocial mooDating 1.2. It has been rate ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3844 (A vulnerability was found in mooSocial mooDating 1.2. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3843 (A vulnerability was found in mooSocial mooDating 1.2. It has been clas ...)
-	TODO: check
+	NOT-FOR-US: mooDating
 CVE-2023-3842 (A vulnerability was found in Pointware EasyInventory 1.0.12.0 and clas ...)
-	TODO: check
+	NOT-FOR-US: Pointware EasyInventory
 CVE-2023-3841 (A vulnerability has been found in NxFilter 4.3.2.5 and classified as p ...)
-	TODO: check
+	NOT-FOR-US: NxFilter
 CVE-2023-3840 (A vulnerability, which was classified as problematic, was found in NxF ...)
-	TODO: check
+	NOT-FOR-US: NxFilter
 CVE-2023-3839 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2023-3838 (A vulnerability classified as problematic was found in DedeBIZ 6.2.10. ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2023-3837 (A vulnerability classified as problematic has been found in DedeBIZ 6. ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2023-3836 (A vulnerability classified as critical was found in Dahua Smart Park M ...)
 	NOT-FOR-US: Dahua Smart Park Management
 CVE-2023-3835 (A vulnerability classified as problematic has been found in Bug Finder ...)
@@ -47,7 +47,7 @@ CVE-2023-38633 (A directory traversal problem in the URL decoder of librsvg befo
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1213502
 	NOTE: https://gitlab.gnome.org/GNOME/librsvg/-/issues/996
 CVE-2023-38195 (Datalust Seq before 2023.2.9489 allows insertion of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Datalust Seq
 CVE-2023-3826 (A vulnerability has been found in IBOS OA 4.5.5 and classified as crit ...)
 	NOT-FOR-US: IBOS OA
 CVE-2023-3776 (A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw ...)
@@ -66,11 +66,11 @@ CVE-2023-3609 (A use-after-free vulnerability in the Linux kernel's net/sched: c
 	[bookworm] - linux 6.1.37-1
 	NOTE: https://git.kernel.org/linus/04c55383fa5689357bcdd2c8036725a55ed632bc (6.4-rc7)
 CVE-2023-37918 (Dapr is a portable, event-driven, runtime for building distributed app ...)
-	TODO: check
+	NOT-FOR-US: Dapr
 CVE-2023-37917 (KubePi is an opensource kubernetes management panel. A normal user has ...)
-	TODO: check
+	NOT-FOR-US: KubePi
 CVE-2023-37916 (KubePi is an opensource kubernetes management panel. The endpoint /kub ...)
-	TODO: check
+	NOT-FOR-US: KubePi
 CVE-2023-35077 (An out-of-bounds write vulnerability on windows operating systems caus ...)
 	NOT-FOR-US: Ivanti
 CVE-2023-3822 (Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pi ...)
@@ -17272,7 +17272,7 @@ CVE-2023-28531 (ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent w
 	[bullseye] - openssh <not-affected> (Vulnerable code introduced later; per-hop desination constraints support added in OpenSSH 8.9)
 	[buster] - openssh <not-affected> (Vulnerable code introduced later; per-hop desination constraints support added in OpenSSH 8.9)
 CVE-2023-28530 (IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-28529 (IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-s ...)
 	NOT-FOR-US: IBM
 CVE-2023-28528 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...)
@@ -25001,7 +25001,7 @@ CVE-2023-25931 (Medtronic identified that the Pelvic Health clinician apps, whic
 CVE-2023-25930 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1 ...)
 	NOT-FOR-US: IBM
 CVE-2023-25929 (IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-25928 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
 	NOT-FOR-US: IBM
 CVE-2023-25927 (IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and ...)
@@ -149854,7 +149854,7 @@ CVE-2021-35393 (Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi
 CVE-2021-35392 (Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple ...)
 	NOT-FOR-US: Realtek Jungle SDK
 CVE-2021-35391 (Server Side Request Forgery vulnerability found in Deskpro Support Des ...)
-	TODO: check
+	NOT-FOR-US: Deskpro Support Desk
 CVE-2021-35390
 	RESERVED
 CVE-2021-35389
@@ -210096,7 +210096,7 @@ CVE-2020-24277
 CVE-2020-24276
 	RESERVED
 CVE-2020-24275 (A HTTP response header injection vulnerability in Swoole v4.5.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Swoole
 CVE-2020-24274
 	RESERVED
 CVE-2020-24273



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30dc7bc1435a6394b91b63304a3d9d52c1de5bd0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30dc7bc1435a6394b91b63304a3d9d52c1de5bd0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230723/90d8f05c/attachment.htm>