[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Oct 14 22:23:20 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
41dd6c86 by Moritz Muehlenhoff at 2023-10-14T23:12:49+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2023-5582 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: zzzcms
 CVE-2023-5581 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-5580 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2023-5579 (A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as ...)
-	TODO: check
+	NOT-FOR-US: yhz66 Sandbox
 CVE-2023-5578 (A vulnerability was found in Port\xe1bilis i-Educar up to 2.7.5. It ha ...)
-	TODO: check
+	NOT-FOR-US: i-Educar
 CVE-2023-45176 (IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 throug ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-40367 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vuln ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-35024 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1,  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-41914
 	- slurm-wlm 23.02.6-1
 	- slurm-wlm-contrib 23.02.6-1
@@ -22,7 +22,7 @@ CVE-2023-41914
 CVE-2023-4263 (Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nR ...)
 	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4257 (Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can ca ...)
-	TODO: check
+	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-45856 (qdPM 9.2 allows remote code execution by using the Add Attachments fea ...)
 	NOT-FOR-US: qdPM
 CVE-2023-45855 (qdPM 9.2 allows Directory Traversal to list files and directories by n ...)
@@ -21805,7 +21805,7 @@ CVE-2023-30996
 CVE-2023-30995 (IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow  ...)
 	NOT-FOR-US: IBM
 CVE-2023-30994 (IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorith ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-30993 (IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow  ...)
 	NOT-FOR-US: IBM
 CVE-2023-30992
@@ -31799,7 +31799,7 @@ CVE-2023-1261 (Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and
 CVE-2023-1260 (An authentication bypass vulnerability was discovered in kube-apiserve ...)
 	NOT-FOR-US: OpenShift
 CVE-2023-1259 (The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-27905 (Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core ...)
 	- jenkins <removed>
 CVE-2023-27904 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error sta ...)
@@ -66097,7 +66097,7 @@ CVE-2022-43870 (IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3
 CVE-2022-43869 (IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5. ...)
 	NOT-FOR-US: IBM
 CVE-2022-43868 (IBM Security Verify Access OIDC Provider could disclose directory info ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacke ...)
 	NOT-FOR-US: IBM
 CVE-2022-43866 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross ...)
@@ -66417,7 +66417,7 @@ CVE-2022-43742
 CVE-2022-43741
 	RESERVED
 CVE-2022-43740 (IBM Security Verify Access OIDC Provider could allow a remote user to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-43739
 	RESERVED
 CVE-2022-43738
@@ -95517,7 +95517,7 @@ CVE-2022-33167
 CVE-2022-33166 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a p ...)
 	NOT-FOR-US: IBM
 CVE-2022-33165 (IBM Security Directory Server 6.4.0 could allow a remote attacker to t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote attacker to t ...)
 	NOT-FOR-US: IBM
 CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions for a secu ...)
@@ -95525,7 +95525,7 @@ CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions for
 CVE-2022-33162
 	RESERVED
 CVE-2022-33161 (IBM Security Directory Server 6.4.0 could allow a remote attacker to o ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-33160 (IBM Security Directory Suite 8.0.1 uses weaker than expected cryptogra ...)
 	NOT-FOR-US: IBM
 CVE-2022-33159 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user cre ...)
@@ -96539,7 +96539,7 @@ CVE-2022-32757 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an i
 CVE-2022-32756
 	RESERVED
 CVE-2022-32755 (IBM Security Directory Server 6.4.0 is vulnerable to an XML External E ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-32754
 	RESERVED
 CVE-2022-32753



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41dd6c86cbbccc3f6dd3537faf6b7ffea025b0a3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41dd6c86cbbccc3f6dd3537faf6b7ffea025b0a3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231014/17e7e610/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list