[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 3 15:00:47 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4bce0306 by Moritz Muehlenhoff at 2023-05-03T16:00:25+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,7 +42,7 @@ CVE-2023-2483 [net: qcom/emac: Fix use after free bug in emac_remove due to race
 	[buster] - linux 4.19.282-1
 	NOTE: https://git.kernel.org/linus/6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (6.3-rc4)
 CVE-2023-2479 (OS Command Injection in GitHub repository appium/appium-desktop prior  ...)
-	TODO: check
+	NOT-FOR-US: Appium
 CVE-2023-2477 (A vulnerability was found in Funadmin up to 3.2.3. It has been declare ...)
 	NOT-FOR-US: Funadmin
 CVE-2023-2476 (A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been ...)
@@ -9923,7 +9923,7 @@ CVE-2023-28072
 CVE-2023-28071
 	RESERVED
 CVE-2023-28070 (Alienware Command Center Application, versions 5.5.43.0 and prior, con ...)
-	TODO: check
+	NOT-FOR-US: Alienware
 CVE-2023-28069 (Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulne ...)
 	NOT-FOR-US: Dell
 CVE-2023-28068
@@ -14916,7 +14916,7 @@ CVE-2023-26270
 CVE-2023-26269 (Apache James server version 3.7.3 and earlier provides a JMX managemen ...)
 	NOT-FOR-US: Apache James
 CVE-2023-26268 (Design documents with matching document IDs, from databases on the sam ...)
-	TODO: check
+	- couchdb <removed>
 CVE-2023-0941 (Use after free in Prompts in Google Chrome prior to 110.0.5481.177 all ...)
 	{DSA-5359-1}
 	- chromium 110.0.5481.177-1
@@ -25903,7 +25903,7 @@ CVE-2023-22693
 CVE-2023-22692
 	RESERVED
 CVE-2023-22691 (Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-22690
 	RESERVED
 CVE-2023-22689
@@ -80250,7 +80250,7 @@ CVE-2022-30761
 CVE-2022-30760 (An Insecure Direct Object Reference (IDOR) issue in fn2Web in ihb eG F ...)
 	NOT-FOR-US: fn2Web
 CVE-2022-30759 (In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sud ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-30708 (Webmin through 1.991, when the Authentic theme is used, allows remote  ...)
 	- webmin <removed>
 CVE-2022-1717 (The Custom Share Buttons with Floating Sidebar WordPress plugin before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bce030674368e52824592b026b1a120855d7d86

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bce030674368e52824592b026b1a120855d7d86
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230503/92ac254d/attachment.htm>

More information about the debian-security-tracker-commits mailing list