[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 26 16:33:19 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
85359fdd by Moritz Muehlenhoff at 2023-06-26T17:32:32+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -106,13 +106,13 @@ CVE-2023-36272 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflo
CVE-2023-36271 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via ...)
- libredwg <itp> (bug #595191)
CVE-2023-35931 (Shescape is a simple shell escape library for JavaScript. An attacker ...)
- TODO: check
+ NOT-FOR-US: Shescape
CVE-2023-35925 (FastAsyncWorldEdit (FAWE) is designed for efficient world editing. Thi ...)
- TODO: check
+ NOT-FOR-US: FastAsyncWorldEdit
CVE-2023-35759 (In Progress WhatsUp Gold before 23.0.0, an SNMP-related application en ...)
NOT-FOR-US: Progress WhatsUp Gold
CVE-2023-35167 (Remult is a CRUD framework for full-stack TypeScript. If you used the ...)
- TODO: check
+ NOT-FOR-US: Remult
CVE-2023-35162 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
NOT-FOR-US: XWiki
CVE-2023-35161 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -154,127 +154,128 @@ CVE-2023-34465 (XWiki Platform is a generic wiki platform. Starting in version 1
CVE-2023-34464 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
NOT-FOR-US: XWiki
CVE-2023-34460 (Tauri is a framework for building binaries for all major desktop platf ...)
- TODO: check
+ NOT-FOR-US: Tauri
CVE-2023-34203 (In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explo ...)
- TODO: check
+ NOT-FOR-US: Progress OpenEdge OEM
CVE-2023-34188 (The HTTP server in Mongoose before 7.10 accepts requests containing ne ...)
- TODO: check
+ NOT-FOR-US: Cesanta Mongoose
+ NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2023-34021 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34012 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-33565 (ROS2 (Robot Operating System 2) Foxy Fitzroy ROS_VERSION=2 and ROS_PYT ...)
TODO: check
CVE-2023-32580 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEx ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32480 (Dell BIOS contains an Improper Input Validation vulnerability. An unau ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-32439 (A type confusion issue was addressed with improved checks. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32435 (A memory corruption issue was addressed with improved state management ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32434 (An integer overflow was addressed with improved input validation. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32423 (A buffer overflow issue was addressed with improved memory handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32422 (This issue was addressed by adding additional SQLite logging restricti ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32420 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32419 (The issue was addressed with improved bounds checks. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32417 (This issue was addressed by restricting options offered on a locked de ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32415 (This issue was addressed with improved redaction of sensitive informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32414 (The issue was addressed with improved checks. This issue is fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32413 (A race condition was addressed with improved state handling. This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32412 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32411 (This issue was addressed with improved entitlements. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32410 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32408 (The issue was addressed with improved handling of caches. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32407 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32405 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32404 (This issue was addressed with improved entitlements. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32403 (This issue was addressed with improved redaction of sensitive informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32402 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32400 (This issue was addressed with improved checks. This issue is fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32399 (The issue was addressed with improved handling of caches. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32398 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32397 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32395 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32394 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32392 (A privacy issue was addressed with improved private data redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32391 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32390 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32389 (This issue was addressed with improved redaction of sensitive informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32388 (A privacy issue was addressed with improved private data redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32387 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32386 (A privacy issue was addressed with improved handling of temporary file ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32385 (A denial-of-service issue was addressed with improved memory handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32384 (A buffer overflow was addressed with improved bounds checking. This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32382 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32380 (An out-of-bounds write issue was addressed with improved bounds checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32376 (This issue was addressed with improved entitlements. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32375 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32372 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32371 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32369 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32368 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32367 (This issue was addressed with improved entitlements. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32365 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32363 (A permissions issue was addressed by removing vulnerable code and addi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32360 (An authentication issue was addressed with improved state management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32357 (An authorization issue was addressed with improved state management. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32355 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32354 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32353 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32352 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-32351 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-3128 (Grafana is validating Azure AD accounts based on the email claim. On ...)
- grafana <removed>
CVE-2023-3114 (Terraform Enterprise since v202207-1 did not properly implement author ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85359fddc562eb70780cdefa60b851fe2d0a4058
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230626/4f438524/attachment.htm>
More information about the debian-security-tracker-commits
mailing list