Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac9d301c by Salvatore Bonaccorso at 2023-05-04T23:11:16+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2023-2524 (A vulnerability classified as critical has been found in
Control iD RH ...)
- TODO: check
+ NOT-FOR-US: Control iD RHiD
CVE-2023-2523 (A vulnerability was found in Weaver E-Office 9.5. It has been
rated as ...)
- TODO: check
+ NOT-FOR-US: Weaver E-Office
CVE-2023-2522 (A vulnerability was found in Chengdu VEC40G 3.0. It has been
declared ...)
- TODO: check
+ NOT-FOR-US: Chengdu VEC40G
CVE-2023-2521 (A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has
been class ...)
- TODO: check
+ NOT-FOR-US: NEXTU NEXT-7004N
CVE-2023-2520 (A vulnerability was found in Caton Prime
2.1.2.51.e8d7225049(202303031 ...)
- TODO: check
+ NOT-FOR-US: Caton Prime
CVE-2023-2519 (A vulnerability has been found in Caton CTP Relay Server 1.2.9
and cla ...)
- TODO: check
+ NOT-FOR-US: Caton CTP Relay Server
CVE-2017-20184 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Carlo Gavazzi Powersoft
CVE-2023-2468 (Inappropriate implementation in PictureInPicture in Google
Chrome prio ...)
{DSA-5398-1}
- chromium 113.0.5672.63-1
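Review bot: On the CVE-2017-20184 entry, the new label "Carlo Gavazzi Powersoft" cannot be checked against the description as shown, which is cut off at "('Path Tra ...)" before any vendor or product name appears. Please confirm the product against the full CVE record before this lands. The other six labels in this hunk are consistent with the product names visible in their descriptions.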
@@ -298,7 +298,7 @@ CVE-2023-31286 (An issue was discovered in Serenity Serene
(and StartSharp) befo
CVE-2023-31285 (An XSS issue was discovered in Serenity Serene (and
StartSharp) before ...)
NOT-FOR-US: Serenity
CVE-2023-31284 (illumos illumos-gate before 676abcb has a stack buffer
overflow in /de ...)
- TODO: check
+ NOT-FOR-US: illumos illumos-gate
CVE-2023-31283
RESERVED
CVE-2023-31282
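Review bot: For CVE-2023-31284, the description identifies the affected code by upstream commit ("illumos-gate before 676abcb") rather than by a released product, so before settling on NOT-FOR-US it is worth confirming that no Debian source package carries a copy of the affected illumos-gate code. If one does, the entry needs a package line in the style of "- chromium 113.0.5672.63-1" instead. As a style point, the label repeats the project name ("illumos illumos-gate"), whereas neighbouring entries use a single short name such as "Serenity".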
@@ -2239,7 +2239,7 @@ CVE-2023-30621 (Gipsy is a multi-purpose discord bot
which aim to be as modular
CVE-2023-30620 (mindsdb is a Machine Learning platform to help developers
build AI sol ...)
NOT-FOR-US: mindsdb
CVE-2023-30619 (Tuleap Open ALM is a Libre and Open Source tool for end to end
traceab ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2023-30618 (Kitchen-Terraform provides a set of Test Kitchen plugins which
enable ...)
NOT-FOR-US: Kitchen-Terraform
CVE-2023-30617
@@ -2611,7 +2611,7 @@ CVE-2023-30552 (Archery is an open source SQL audit
platform. The Archery projec
CVE-2023-30551
RESERVED
CVE-2023-30550 (MeterSphere is an open source continuous testing platform,
covering fu ...)
- TODO: check
+ NOT-FOR-US: MeterSphere
CVE-2023-30549 (Apptainer is an open source container platform for Linux.
There is an ...)
- singularity-container <unfixed> (bug #1035026)
NOTE:
https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg
@@ -3365,7 +3365,7 @@ CVE-2023-30270
CVE-2023-30269 (CLTPHP <=6.0 is vulnerable to Improper Input Validation via
applicatio ...)
NOT-FOR-US: CLTPHP
CVE-2023-30268 (CLTPHP <=6.0 is vulnerable to Improper Input Validation.)
- TODO: check
+ NOT-FOR-US: CLTPHP
CVE-2023-30267 (CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via
applicati ...)
NOT-FOR-US: CLTPHP
CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with
Dangero ...)
@@ -3373,7 +3373,7 @@ CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to
Unrestricted Upload of File with D
CVE-2023-30265 (CLTPHP <=6.0 is vulnerable to Directory Traversal.)
NOT-FOR-US: CLTPHP
CVE-2023-30264 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with
Dangero ...)
- TODO: check
+ NOT-FOR-US: CLTPHP
CVE-2023-30263
RESERVED
CVE-2023-30262
@@ -3495,7 +3495,7 @@ CVE-2023-30205 (A stored cross-site scripting (XSS)
vulnerability in DouPHP v1.7
CVE-2023-30204 (Judging Management System v1.0 was discovered to contain a SQL
injecti ...)
NOT-FOR-US: Judging Management System
CVE-2023-30203 (Judging Management System v1.0 was discovered to contain a SQL
injecti ...)
- TODO: check
+ NOT-FOR-US: Judging Management System
CVE-2023-30202
RESERVED
CVE-2023-30201
@@ -3533,7 +3533,7 @@ CVE-2023-30186
CVE-2023-30185
RESERVED
CVE-2023-30184 (A stored cross-site scripting (XSS) vulnerability in Typecho
v1.2.0 al ...)
- TODO: check
+ NOT-FOR-US: Typecho
CVE-2023-30183
REJECTED
NOT-FOR-US: Wangmarket CMS
@@ -3708,13 +3708,13 @@ CVE-2023-30099
CVE-2023-30098
RESERVED
CVE-2023-30097 (A stored cross-site scripting (XSS) vulnerability in TotalJS
messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30096 (A stored cross-site scripting (XSS) vulnerability in TotalJS
messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30095 (A stored cross-site scripting (XSS) vulnerability in TotalJS
messenger ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30094 (A stored cross-site scripting (XSS) vulnerability in TotalJS
Flow v10 ...)
- TODO: check
+ NOT-FOR-US: TotalJS
CVE-2023-30093
RESERVED
CVE-2023-30092
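Review bot: CVE-2023-30097, CVE-2023-30096 and CVE-2023-30095 are described as "TotalJS messenger" and CVE-2023-30094 as "TotalJS Flow", but all four get the same vendor-level label "NOT-FOR-US: TotalJS". The first hunk of this commit labels at product level ("Caton Prime" and "Caton CTP Relay Server" kept separate), so the granularity is inconsistent within one commit. Consider "TotalJS messenger" and "TotalJS Flow" here, which also makes later searches of the list for a specific product more reliable.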
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac9d301c6e036874ba812f63e7cc2fb7854c8d65