[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 9 09:18:09 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d2ebeb82 by Salvatore Bonaccorso at 2023-03-09T10:17:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1483,7 +1483,7 @@ CVE-2023-27478 (libmemcached-awesome is an open source C/C++ client library and
NOTE: Introduced with: https://github.com/awesomized/libmemcached/commit/d7a0084bf99d618d1dc26a54fd413db7ae8b8e63 (1.1.0-beta1)
NOTE: Fixed by: https://github.com/awesomized/libmemcached/commit/48dcc61a4919f6f3d5ee164630a843f2d8b8ade9 (1.1.4)
CVE-2023-27477 (wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code ...)
- TODO: check
+ NOT-FOR-US: wasmtime
CVE-2023-27476 (OWSLib is a Python package for client programming with Open Geospatial ...)
[experimental] - owslib 0.28.1-1~exp1
- owslib <unfixed>
@@ -2494,7 +2494,7 @@ CVE-2023-27090
CVE-2023-27089
RESERVED
CVE-2023-27088 (feiqu-opensource Background Vertical authorization vulnerability exist ...)
- TODO: check
+ NOT-FOR-US: feiqu-opensource Background Vertical
CVE-2023-27087
RESERVED
CVE-2023-27086
@@ -2758,7 +2758,7 @@ CVE-2023-26958
CVE-2023-26957
RESERVED
CVE-2023-26956 (onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vu ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26955 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip ...)
NOT-FOR-US: onekeyadmin
CVE-2023-26954 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip ...)
@@ -2766,15 +2766,15 @@ CVE-2023-26954 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site
CVE-2023-26953 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip ...)
NOT-FOR-US: onekeyadmin
CVE-2023-26952 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26951
RESERVED
CVE-2023-26950 (onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26949 (An arbitrary file upload vulnerability in the component /admin1/config ...)
NOT-FOR-US: onekeyadmin
CVE-2023-26948 (onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vu ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26947
RESERVED
CVE-2023-26946
@@ -3843,7 +3843,7 @@ CVE-2023-26491 (RSSHub is an open source and extensible RSS feed generator. When
CVE-2023-26490 (mailcow is a dockerized email package, with multiple containers linked ...)
NOT-FOR-US: mailcow
CVE-2023-26489 (wasmtime is a fast and secure runtime for WebAssembly. In affected ver ...)
- TODO: check
+ NOT-FOR-US: wasmtime
CVE-2023-26488 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
NOT-FOR-US: OpenZeppelin
CVE-2023-26487 (Vega is a visualization grammar, a declarative format for creating, sa ...)
@@ -8771,7 +8771,7 @@ CVE-2023-24784
CVE-2023-24783
RESERVED
CVE-2023-24782 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Funadmin
CVE-2023-24781 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
NOT-FOR-US: Funadmin
CVE-2023-24780 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
@@ -8781,7 +8781,7 @@ CVE-2023-24779
CVE-2023-24778
RESERVED
CVE-2023-24777 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Funadmin
CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code execution (RCE ...)
NOT-FOR-US: Funadmin
CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain a SQL injection vulnerabilit ...)
@@ -10234,7 +10234,7 @@ CVE-2023-24284
CVE-2023-24283
RESERVED
CVE-2023-24282 (An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 al ...)
- TODO: check
+ NOT-FOR-US: Poly Trio 8800
CVE-2023-24281
RESERVED
CVE-2023-24280
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2ebeb826bbe84b865e402c53ce99fe2d2d28a43
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2ebeb826bbe84b865e402c53ce99fe2d2d28a43
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230309/87045f73/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list