[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 4 22:11:50 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac9d301c by Salvatore Bonaccorso at 2023-05-04T23:11:16+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2023-2524 (A vulnerability classified as critical has been found in Control iD RH ...)
- TODO: check
+ NOT-FOR-US: Control iD RHiD
CVE-2023-2523 (A vulnerability was found in Weaver E-Office 9.5. It has been rated as ...)
- TODO: check
+ NOT-FOR-US: Weaver E-Office
CVE-2023-2522 (A vulnerability was found in Chengdu VEC40G 3.0. It has been declared ...)
- TODO: check
+ NOT-FOR-US: Chengdu VEC40G
CVE-2023-2521 (A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been class ...)
- TODO: check
+ NOT-FOR-US: NEXTU NEXT-7004N
CVE-2023-2520 (A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031 ...)
- TODO: check
+ NOT-FOR-US: Caton Prime
CVE-2023-2519 (A vulnerability has been found in Caton CTP Relay Server 1.2.9 and cla ...)
- TODO: check
+ NOT-FOR-US: Caton CTP Relay Server
CVE-2017-20184 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Carlo Gavazzi Powersoft
CVE-2023-2468 (Inappropriate implementation in PictureInPicture in Google Chrome prio ...)
{DSA-5398-1}
- chromium 113.0.5672.63-1
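Review bot: the "NOT-FOR-US: Carlo Gavazzi Powersoft" label on CVE-2017-20184 cannot be checked against the line it annotates, because the visible description is cut off after the CWE title ("Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...") and never reaches a product name. The other six labels in this hunk match the product named in their descriptions. Confirm this one against the full CVE record.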
@@ -298,7 +298,7 @@ CVE-2023-31286 (An issue was discovered in Serenity Serene (and StartSharp) befo
CVE-2023-31285 (An XSS issue was discovered in Serenity Serene (and StartSharp) before ...)
NOT-FOR-US: Serenity
CVE-2023-31284 (illumos illumos-gate before 676abcb has a stack buffer overflow in /de ...)
- TODO: check
+ NOT-FOR-US: illumos illumos-gate
CVE-2023-31283
RESERVED
CVE-2023-31282
@@ -2239,7 +2239,7 @@ CVE-2023-30621 (Gipsy is a multi-purpose discord bot which aim to be as modular
CVE-2023-30620 (mindsdb is a Machine Learning platform to help developers build AI sol ...)
NOT-FOR-US: mindsdb
CVE-2023-30619 (Tuleap Open ALM is a Libre and Open Source tool for end to end traceab ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2023-30618 (Kitchen-Terraform provides a set of Test Kitchen plugins which enable ...)
NOT-FOR-US: Kitchen-Terraform
CVE-2023-30617
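Review bot: the CVE-2023-30619 description calls Tuleap "a Libre and Open Source tool", so "NOT-FOR-US: Tuleap" is only right if there is no Debian package and no open packaging request for it. If an ITP bug exists, the entry should be a "- tuleap <itp>" line with the bug reference rather than NOT-FOR-US. The same check applies to any other entry in this commit whose description says "open source".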
@@ -2611,7 +2611,7 @@ CVE-2023-30552 (Archery is an open source SQL audit platform. The Archery projec
CVE-2023-30551
RESERVED
CVE-2023-30550 (MeterSphere is an open source continuous testing platform, covering fu ...)
- TODO: check
+ NOT-FOR-US: MeterSphere
CVE-2023-30549 (Apptainer is an open source container platform for Linux. There is an ...)
- singularity-container <unfixed> (bug #1035026)
NOTE: https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg
@@ -3365,7 +3365,7 @@ CVE-2023-30270
CVE-2023-30269 (CLTPHP <=6.0 is vulnerable to Improper Input Validation via applicatio ...)
NOT-FOR-US: CLTPHP
CVE-2023-30268 (CLTPHP <=6.0 is vulnerable to Improper Input Validation.)
- TODO: check
+ NOT-FOR-US: CLTPHP
CVE-2023-30267 (CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via applicati ...)
NOT-FOR-US: CLTPHP
CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangero ...)
@@ -3373,7 +3373,7 @@ CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with D
CVE-2023-30265 (CLTPHP <=6.0 is vulnerable to Directory Traversal.)
NOT-FOR-US: CLTPHP
CVE-2023-30264 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangero ...)
- TODO: check
+ NOT-FOR-US: CLTPHP
CVE-2023-30263
RESERVED
CVE-2023-30262
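Review bot: the status line for CVE-2023-30266 falls in the one-line gap between this hunk and the previous one (old line 3372), so it is neither shown nor changed here. Every other CLTPHP entry visible in the two hunks (CVE-2023-30269, -30268, -30267, -30265, -30264) now reads "NOT-FOR-US: CLTPHP". Check that CVE-2023-30266 is not still "TODO: check".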
@@ -3495,7 +3495,7 @@ CVE-2023-30205 (A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7
CVE-2023-30204 (Judging Management System v1.0 was discovered to contain a SQL injecti ...)
NOT-FOR-US: Judging Management System
CVE-2023-30203 (Judging Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Judging Management System
CVE-2023-30202
RESERVED
CVE-2023-30201
@@ -3533,7 +3533,7 @@ CVE-2023-30186
CVE-2023-30185
RESERVED
CVE-2023-30184 (A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 al ...)
- TODO: check
+ NOT-FOR-US: Typecho
CVE-2023-30183
REJECTED
NOT-FOR-US: Wangmarket CMS
@@ -3708,13 +3708,13 @@ CVE-2023-30099
CVE-2023-30098
RESERVED
CVE-2023-30097 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30096 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30095 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30094 (A stored cross-site scripting (XSS) vulnerability in TotalJS Flow v10 ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30093
RESERVED
CVE-2023-30092
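Review bot: the single label "NOT-FOR-US: TotalJS" is applied to two different products in this hunk, "TotalJS messenger" (CVE-2023-30097, -30096, -30095) and "TotalJS Flow v10" (CVE-2023-30094). The first hunk keeps products from one vendor apart ("Caton Prime" vs "Caton CTP Relay Server"). Naming the product here as well would keep the labels consistent and make later searches of data/CVE/list for a specific product more reliable.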
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac9d301c6e036874ba812f63e7cc2fb7854c8d65