[Git][security-tracker-team/security-tracker][master] NFUs

Wed Jan 3 15:33:05 GMT 2024


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1734f7c by Moritz Muehlenhoff at 2024-01-03T16:32:27+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,17 @@
+CVE-2023-51785
+	NOT-FOR-US: Apache InLong
+CVE-2023-51784
+	NOT-FOR-US: Apache InLong
 CVE-2024-21632 (omniauth-microsoft_graph provides an Omniauth strategy for the Microso ...)
-	TODO: check
+	NOT-FOR-US: omniauth-microsoft_graph
 CVE-2024-21629 (Rust EVM is an Ethereum Virtual Machine interpreter. In `rust-evm`, a  ...)
-	TODO: check
+	NOT-FOR-US: Rust EVM
 CVE-2024-21628 (PrestaShop is an open-source e-commerce platform. Prior to version 8.1 ...)
 	NOT-FOR-US: PrestaShop
 CVE-2024-21627 (PrestaShop is an open-source e-commerce platform. Prior to versions 8. ...)
 	NOT-FOR-US: PrestaShop
 CVE-2024-21623 (OTCLient is an alternative tibia client for otserv. Prior to commit db ...)
-	TODO: check
+	NOT-FOR-US: OTCLient
 CVE-2024-0211 (DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via ...)
 	- wireshark <unfixed>
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2024-05.html
@@ -29,9 +33,9 @@ CVE-2024-0207 (HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2024-03.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19502
 CVE-2024-0196 (A vulnerability has been found in Magic-Api up to 2.0.1 and classified ...)
-	TODO: check
+	NOT-FOR-US: Magic-Api
 CVE-2024-0195 (A vulnerability, which was classified as critical, was found in spider ...)
-	TODO: check
+	NOT-FOR-US: spider-flow
 CVE-2024-0194 (A vulnerability, which was classified as critical, has been found in C ...)
 	NOT-FOR-US: CodeAstro Internet Banking System
 CVE-2023-7027 (The POST SMTP Mailer \u2013 Email log, Delivery Failure Notifications  ...)
@@ -75,7 +79,7 @@ CVE-2023-50020 (An issue was discovered in open5gs v2.6.6. SIGPIPE can be used t
 CVE-2023-50019 (An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registrat ...)
 	NOT-FOR-US: Open5GS
 CVE-2023-4164 (There is a possible informationdisclosure due to a missing permission  ...)
-	TODO: check
+	NOT-FOR-US: Google Pixel Watch
 CVE-2023-49558 (An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ...)
 	- yasm <unfixed>
 	NOTE: https://github.com/yasm/yasm/issues/252
@@ -92,15 +96,15 @@ CVE-2023-49554 (Use After Free vulnerability in YASM 1.3.0.86.g9def allows a rem
 	- yasm <unfixed>
 	NOTE: https://github.com/yasm/yasm/issues/249
 CVE-2023-49553 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-49552 (An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker  ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-49551 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-49550 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-49549 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a den ...)
-	TODO: check
+	NOT-FOR-US: Cesenta MJS
 CVE-2023-48418 (In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a  ...)
 	TODO: check
 CVE-2023-47473 (Directory Traversal vulnerability in fuwushe.org iFair versions 23.8_a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1734f7c81fe0e5ea8d7bc46e52618c8cd8aee25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1734f7c81fe0e5ea8d7bc46e52618c8cd8aee25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240103/24c0d6ae/attachment.htm>
