[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 14 Feb 2023 00:16:38 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bbfdff00 by Salvatore Bonaccorso at 2023-02-14T09:15:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77,7 +77,7 @@ CVE-2023-0816
 CVE-2023-0815
        RESERVED
 CVE-2023-0814 (The Profile Builder &#8211; User Profile &amp; User 
Registration Forms ...)
-       TODO: check
+       NOT-FOR-US: Profile Builder &#8211; User Profile & User Registration 
Forms plugin for WordPress
 CVE-2023-0813
        RESERVED
 CVE-2023-0812
@@ -475,7 +475,7 @@ CVE-2023-25616
 CVE-2023-25615
        RESERVED
 CVE-2023-25614 (SAP NetWeaver AS ABAP (BSP Framework) application - versions 
700, 701, ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-25613
        RESERVED
 CVE-2023-0767
@@ -3398,25 +3398,25 @@ CVE-2020-36657 (uptimed before 0.4.6-r1 on Gentoo 
allows local users (with acces
 CVE-2018-25078 (man-db before 2.8.5 on Gentoo allows local users (with access 
to the m ...)
        TODO: check
 CVE-2023-24530 (SAP BusinessObjects Business Intelligence Platform (CMC) - 
versions 42 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24529 (Due to lack of proper input validation, BSP application 
(CRM_BSP_FRAME ...)
        TODO: check
 CVE-2023-24528 (SAP Fiori apps for Travel Management in SAP ERP (My Travel 
Requests) - ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24527
        RESERVED
 CVE-2023-24526
        RESERVED
 CVE-2023-24525 (SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 
102, 103, ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24524 (SAP S/4 HANA Map Treasury Correspondence Format Data does not 
perform  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24523 (An attacker authenticated as a non-admin user with local 
access to a s ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24522 (Due to insufficient input sanitization, SAP NetWeaver AS ABAP 
(Busines ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24521 (Due to insufficient input sanitization, SAP NetWeaver AS ABAP 
(BSP Fra ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-24520
        RESERVED
 CVE-2023-24519
@@ -5075,25 +5075,25 @@ CVE-2023-0399
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository 
modoboa/modoboa ...)
        NOT-FOR-US: Modoboa
 CVE-2023-23860 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 
750, 751,  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23859 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 
750, 751,  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23858 (Due to insufficient input validation, SAP NetWeaver AS for 
ABAP and AB ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23857
        RESERVED
 CVE-2023-23856 (In SAP BusinessObjects Business Intelligence (Web Intelligence 
user in ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23855 (SAP Solution Manager - version 720, allows an authenticated 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23854 (SAP NetWeaver Application Server for ABAP and ABAP Platform - 
versions ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23853 (An unauthenticated attacker in AP NetWeaver Application Server 
for ABA ...)
        TODO: check
 CVE-2023-23852 (SAP Solution Manager (System Monitoring) - version 720, does 
not suffi ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23851 (SAP Business Planning and Consolidation - versions 200, 300, 
allows an ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-23850
        RESERVED
 CVE-2023-23849 (Versions of Coverity Connect prior to 2022.12.0 are vulnerable 
to an u ...)
@@ -10990,9 +10990,9 @@ CVE-2022-43444
 CVE-2022-42702
        RESERVED
 CVE-2023-0025 (SAP Solution Manager (BSP Application) - version 720, allows an 
authen ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-0024 (SAP Solution Manager (BSP Application) - version 720, allows an 
authen ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-0023 (In SAP Bank Account Management (Manage Banks) application, when 
a user ...)
        NOT-FOR-US: SAP
 CVE-2023-0022 (SAP BusinessObjects Business Intelligence Analysis edition for 
OLAP al ...)
@@ -11213,9 +11213,9 @@ CVE-2023-22334 (Use of password hash instead of 
password for authentication vuln
 CVE-2023-22331 (Use of default credentials vulnerability in CONPROSYS HMI 
System (CHS) ...)
        NOT-FOR-US: CONPROSYS
 CVE-2023-0020 (SAP BusinessObjects Business Intelligence platform - versions 
420, 430 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-0019 (In SAP GRC (Process Control) - versions GRCFND_A V1200, 
GRCFND_A V8100 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-0018 (Due to improper input sanitization of user-controlled input in 
SAP Bus ...)
        NOT-FOR-US: SAP
 CVE-2023-0017 (An unauthenticated attacker in SAP NetWeaver AS for Java - 
version 7.5 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbfdff0093edb75e2074d313a542c3e7f8cd12d4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbfdff0093edb75e2074d313a542c3e7f8cd12d4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to