[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 18 22:35:34 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dd2abda2 by Moritz Mühlenhoff at 2023-10-18T23:35:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -73,11 +73,11 @@ CVE-2023-35663 (In Init of protocolnetadapter.cpp, there is a possible out of bo
 CVE-2023-35656 (In multiple functions of protocolembmsadapter.cpp, there is a possible ...)
 	TODO: check
 CVE-2023-32089 (Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with  ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2023-32088 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS i ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2023-32087 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS i ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2023-5568 [Heap buffer overflow with freshness tokens in the Heimdal KDC in Samba 4.19]
 	- samba 2:4.19.2+dfsg-1
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=15491
@@ -21846,7 +21846,7 @@ CVE-2023-31219
 CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31216 (Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31215
@@ -22710,7 +22710,7 @@ CVE-2023-2198 (An issue has been discovered in GitLab CE/EE affecting all versio
 CVE-2023-30912
 	RESERVED
 CVE-2023-30911 (HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2023-30910 (HPE MSA Controller prior to versionIN210R004 could be remotely exploit ...)
 	NOT-FOR-US: HPE
 CVE-2023-30909 (A remote authentication bypass issue exists in some OneView APIs.)
@@ -23187,7 +23187,7 @@ CVE-2023-30783
 CVE-2023-30782 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moy ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30781 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Theme Bl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-30780 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30779 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jonathan ...)
@@ -52140,7 +52140,7 @@ CVE-2023-22098 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2023-22097 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-22096 (Vulnerability in the Java VM component of Oracle Database Server.  Sup ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2023-22095 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-22094 (Vulnerability in the MySQL Installer product of Oracle MySQL (componen ...)
@@ -65941,7 +65941,7 @@ CVE-2023-20263 (A vulnerability in the web-based management interface of Cisco H
 CVE-2023-20262 (A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager co ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20261 (A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could a ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20260
 	RESERVED
 CVE-2023-20259 (A vulnerability in an API endpoint of multiple Cisco Unified Communica ...)
@@ -66071,7 +66071,7 @@ CVE-2023-20200 (A vulnerability in the Simple Network Management Protocol (SNMP)
 CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for macOS could ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20198 (Cisco is aware of active exploitation of a previously unknown vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20197 (A vulnerability in the filesystem image parser for Hierarchical File S ...)
 	{DLA-3544-1}
 	- clamav 1.0.2+dfsg-1 (bug #1050057)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2abda26bb82aaa4e69ca38f3bf845e7dc278a9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2abda26bb82aaa4e69ca38f3bf845e7dc278a9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231018/89946afd/attachment.htm>

More information about the debian-security-tracker-commits mailing list