Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 00d88108 by Moritz Muehlenhoff at 2023-02-06T17:52:59+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -27,11 +27,11 @@ CVE-2023-25193 (hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attack [bullseye] - harfbuzz <no-dsa> (Minor issue) NOTE: https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc CVE-2014-125086 (A vulnerability has been found in Gimmie Plugin 1.2.2 and classified a ...) - TODO: check + NOT-FOR-US: Gimmie CVE-2014-125085 (A vulnerability, which was classified as critical, was found in Gimmie ...) - TODO: check + NOT-FOR-US: Gimmie CVE-2014-125084 (A vulnerability, which was classified as critical, has been found in G ...) - TODO: check + NOT-FOR-US: Gimmie CVE-2023-25192 RESERVED CVE-2023-25191 @@ -51,9 +51,9 @@ CVE-2023-0674 (A vulnerability, which was classified as problematic, has been fo CVE-2023-0673 (A vulnerability classified as critical was found in SourceCodester Onl ...) NOT-FOR-US: SourceCodester Online Eyewear Shop CVE-2017-20176 (A vulnerability classified as problematic was found in ciubotaru share ...) - TODO: check + NOT-FOR-US: share-on-diaspora CVE-2017-20175 (A vulnerability classified as problematic has been found in DaSchTour ...) - TODO: check + NOT-FOR-US: Mamoto extension for MediaWiki CVE-2023-25189 RESERVED CVE-2023-25188 
@@ -324,9 +324,9 @@ CVE-2019-25101 (A vulnerability classified as critical has been found in OnShift CVE-2018-25080 (A vulnerability, which was classified as problematic, has been found i ...) NOT-FOR-US: MobileDetect CVE-2018-25079 (A vulnerability was found in Segmentio is-url up to 1.2.2. It has been ...) - TODO: check + NOT-FOR-US: Node is-url CVE-2015-10072 (A vulnerability classified as problematic was found in NREL api-umbrel ...) - TODO: check + NOT-FOR-US: api-umbrella-web CVE-2013-10018 (A vulnerability was found in fanzila WebFinance 0.5. It has been decla ...) NOT-FOR-US: fanzila WebFinance CVE-2013-10017 (A vulnerability was found in fanzila WebFinance 0.5. It has been class ...) @@ -1467,7 +1467,7 @@ CVE-2023-24612 (The PdfBook extension through 2.0.5 before b07b6a64 for MediaWik CVE-2023-24611 RESERVED CVE-2023-24610 (NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrar ...) - TODO: check + NOT-FOR-US: NOSH CVE-2023-24609 RESERVED CVE-2023-24608 @@ -3312,7 +3312,7 @@ CVE-2023-23942 CVE-2023-23941 (SwagPayPal is a PayPal integration for shopware/platform. If JavaScrip ...) NOT-FOR-US: SwagPayPal CVE-2023-23940 (OpenZeppelin Contracts for Cairo is a library for secure smart contrac ...) - TODO: check + NOT-FOR-US: OpenZeppelin Contracts CVE-2023-23939 RESERVED CVE-2023-23938 @@ -3328,7 +3328,7 @@ CVE-2023-23934 CVE-2023-23933 (OpenSearch Anomaly Detection identifies atypical data and receives aut ...) NOT-FOR-US: OpenSearch Anomaly Detection CVE-2023-23932 (OpenDDS is an open source C++ implementation of the Object Management ...) - TODO: check + NOT-FOR-US: OpenDDS CVE-2023-23931 RESERVED CVE-2023-23930 
@@ -3342,7 +3342,7 @@ CVE-2023-23927 CVE-2023-23926 RESERVED CVE-2023-23925 (Switcher Client is a JavaScript SDK to work with Switcher API which is ...) - TODO: check + NOT-FOR-US: Switcher CVE-2023-23924 (Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 ...) - php-dompdf <not-affected> (Vulnerable code not in any Debian released version) NOTE: https://github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg @@ -5639,9 +5639,9 @@ CVE-2023-23122 CVE-2023-23121 RESERVED CVE-2023-23120 (The use of the cyclic redundancy check (CRC) algorithm for integrity c ...) - TODO: check + NOT-FOR-US: TRENDnet CVE-2023-23119 (The use of the cyclic redundancy check (CRC) algorithm for integrity c ...) - TODO: check + NOT-FOR-US: TRENDnet CVE-2023-23118 RESERVED CVE-2023-23117 @@ -5659,7 +5659,7 @@ CVE-2023-23112 CVE-2023-23111 RESERVED CVE-2023-23110 (An exploitable firmware modification vulnerability was discovered in c ...) - TODO: check + NOT-FOR-US: Netgear CVE-2023-23109 RESERVED CVE-2023-23108 @@ -5756,9 +5756,9 @@ CVE-2013-10010 (A vulnerability classified as problematic has been found in zero CVE-2023-23088 (Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1 ...) TODO: check CVE-2023-23087 (An issue was found in MojoJson v1.2.3 allows attackers to execute arbi ...) - TODO: check + NOT-FOR-US: MojoJson CVE-2023-23086 (Buffer OverFlow Vulnerability in MojoJson v1.2.3 allows an attacker to ...) - TODO: check + NOT-FOR-US: MojoJson CVE-2023-23085 RESERVED CVE-2023-23084 
@@ -5980,7 +5980,7 @@ CVE-2023-22977 CVE-2023-22976 RESERVED CVE-2023-22975 (jfinal_cms 5.1.0 is vulnerable to Cross Site Scripting (XSS). ...) - TODO: check + NOT-FOR-US: jfinal_cms CVE-2023-22974 RESERVED CVE-2023-22973
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00d88108011dc4fe14572909b91cad0df9e76c97
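Review bot: "Mamoto" in the new NOT-FOR-US line for CVE-2017-20175 (hunk @@ -51,9 +51,9) looks like a transposition of "Matomo". The truncated description only shows "DaSchTour ...", so please check the label against the full CVE text and, if that is the product, change the line to "NOT-FOR-US: Matomo extension for MediaWiki" so that later searches of data/CVE/list by product name find this entry.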
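Review bot: the label "NOT-FOR-US: OpenZeppelin Contracts" for CVE-2023-23940 (hunk @@ -3312,7 +3312,7) drops the "for Cairo" qualifier that the description on the line above carries ("OpenZeppelin Contracts for Cairo is a library ..."). Keeping the full name, "NOT-FOR-US: OpenZeppelin Contracts for Cairo", avoids the entry being read as covering any other library published under the OpenZeppelin Contracts name.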
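Review bot: the NOT-FOR-US labels for CVE-2023-23120 and CVE-2023-23119 (hunk @@ -5639,9 +5639,9) name only the vendor, "TRENDnet", and the same holds for "Netgear" on CVE-2023-23110 in hunk @@ -5659,7 +5659,7. Other entries visible in this diff identify the product ("SourceCodester Online Eyewear Shop", "fanzila WebFinance"), and the truncated descriptions here do not show which devices are affected. Consider adding the product or device family to each label so the reason for the NFU decision is clear from the list alone.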
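Review bot: CVE-2023-23088 (Barenboim json-parser) stays at "TODO: check" in the context lines of hunk @@ -5756,9 +5756,9, while the two MojoJson entries directly below it are resolved. If it was left open deliberately because it needs a package lookup rather than an NFU marking, that is fine for a commit titled "NFUs"; otherwise it looks like it was skipped while triaging this block and should be picked up in a follow-up.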
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits