[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Oct 26 21:22:38 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4a1e2680 by Moritz Muehlenhoff at 2023-10-26T22:22:13+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -93,33 +93,33 @@ CVE-2023-45868 (The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an
 CVE-2023-45867 (ILIAS (2013-09-12 release) contains a medium-criticality Directory Tra ...)
 	NOT-FOR-US: ILIAS
 CVE-2023-45317 (The application interface allows users to perform certain actions via  ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-45228 (The application suffers from improper access control when editing user ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-44267 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL  ...)
-	TODO: check
+	NOT-FOR-US: Online Art Gallery
 CVE-2023-43208 (NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: NextGen Healthcare Mirth Connect
 CVE-2023-42769 (The cookie session ID is of insufficient length and can be exploited b ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-41966 (The application suffers from a privilege escalation vulnerability. A   ...)
-	TODO: check
+	NOT-FOR-US: Sielco
 CVE-2023-41096 (Missing Encryption of Security Keys vulnerability in Silicon Labs Embe ...)
-	TODO: check
+	NOT-FOR-US: Silabs
 CVE-2023-41095 (Missing Encryption of Security Keys vulnerability in Silicon Labs Open ...)
-	TODO: check
+	NOT-FOR-US: Silabs
 CVE-2023-39936 (In Ashlar-Vellum Graphite v13.0.48, the affected application lacks pro ...)
-	TODO: check
+	NOT-FOR-US: Ashlar-Vellum
 CVE-2023-39427 (In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 S ...)
-	TODO: check
+	NOT-FOR-US: Ashlar-Vellum
 CVE-2023-32116 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tota ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31419 (A flaw was discovered in Elasticsearch, affecting the _search API that ...)
-	TODO: check
+	- elasticsearch <removed>
 CVE-2023-31418 (An issue has been identified with how Elasticsearch handled incoming r ...)
-	TODO: check
+	- elasticsearch <removed>
 CVE-2023-31416 (Secret token configuration is never applied when using ECK <2.8 with A ...)
-	TODO: check
+	NOT-FOR-US: Elastic Cloud on Kubernetes
 CVE-2023-5139 (Potential buffer overflow vulnerability at the following location in t ...)
 	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-46754 (The admin panel for Obl.ong before 1.1.2 allows authorization bypass b ...)
@@ -133,9 +133,9 @@ CVE-2023-46752 (An issue was discovered in FRRouting FRR through 9.0.1. It misha
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35 (master)
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/30b5c2a434d25981e16792f6f50162beb517ae4d (stable/8.5 branch)
 CVE-2023-46668 (If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-defa ...)
-	TODO: check
+	NOT-FOR-US: Elastic Endpoint
 CVE-2023-46667 (An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where ...)
-	TODO: check
+	NOT-FOR-US: Elastic Fleet Server
 CVE-2023-46584 (SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2023-46583 (Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (Ni ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a1e2680f9c8049b27b06672cc26bb291e3bfaec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a1e2680f9c8049b27b06672cc26bb291e3bfaec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231026/e56222b8/attachment.htm>


More information about the debian-security-tracker-commits mailing list