Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a10ea4a5 by Moritz Muehlenhoff at 2023-02-21T14:04:31+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -71,9 +71,9 @@ CVE-2023-26237
 CVE-2023-26236
        RESERVED
 CVE-2023-26235 (JD-GUI 1.6.6 allows XSS via 
util/net/InterProcessCommunicationUtil.jav ...)
-       TODO: check
+       NOT-FOR-US: JD-GUI
 CVE-2023-26234 (JD-GUI 1.6.6 allows deserialization via 
UIMainWindowPreferencesProvide ...)
-       TODO: check
+       NOT-FOR-US: JD-GUI
 CVE-2023-26233
        RESERVED
 CVE-2023-26232
@@ -115,7 +115,7 @@ CVE-2023-26215
 CVE-2023-26214
        RESERVED
 CVE-2023-0934 (Cross-site Scripting (XSS) - Stored in GitHub repository 
answerdev/ans ...)
-       TODO: check
+       NOT-FOR-US: Answer
 CVE-2023-0933
        RESERVED
 CVE-2023-0932
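Review bot: The tag "NOT-FOR-US: Answer" on CVE-2023-0934 is a generic word that is hard to search for later. The description names the GitHub organisation answerdev, so including it in the tag (for example "NOT-FOR-US: answerdev Answer") would make the entry easier to find and harder to confuse with unrelated software.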
@@ -518,7 +518,7 @@ CVE-2015-10082 (A vulnerability classified as problematic 
has been found in UIKi
 CVE-2015-10081 (A vulnerability was found in arnoldle submitByMailPlugin 
1.0b2.9 and c ...)
        NOT-FOR-US: arnoldle submitByMailPlugin
 CVE-2014-125089 (A vulnerability was found in cention-chatserver 3.8.0-rc1. It 
has been ...)
-       TODO: check
+       NOT-FOR-US: cention-chatserver
 CVE-2023-0914 (Improper Authorization in GitHub repository pixelfed/pixelfed 
prior to ...)
        NOT-FOR-US: pixelfed
 CVE-2023-0913 (A vulnerability classified as critical was found in 
SourceCodester Aut ...)
@@ -528,13 +528,13 @@ CVE-2023-0912 (A vulnerability classified as critical has 
been found in SourceCo
 CVE-2019-25104 (A vulnerability has been found in rtcwcoop 1.0.2 and 
classified as pro ...)
        TODO: check
 CVE-2016-15026 (A vulnerability was found in 3breadt dd-plist 1.17 and 
classified as p ...)
-       TODO: check
+       NOT-FOR-US: dd-plist
 CVE-2016-15025 (A vulnerability, which was classified as problematic, was 
found in gen ...)
-       TODO: check
+       NOT-FOR-US: generator-hottowel
 CVE-2015-10080 (A vulnerability was found in NREL api-umbrella-web 0.7.1. It 
has been  ...)
-       TODO: check
+       NOT-FOR-US: api-umbrella-web
 CVE-2014-125088 (A vulnerability was found in qt-users-jp silk 0.0.1. It has 
been decla ...)
-       TODO: check
+       NOT-FOR-US: qt-users-jp
 CVE-2013-10019 (A vulnerability was found in OCLC-Research OAICat 1.5.61. It 
has been  ...)
        NOT-FOR-US: OAICat
 CVE-2012-10008 (A vulnerability, which was classified as critical, has been 
found in u ...)
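Review bot: For CVE-2014-125088 the tag "NOT-FOR-US: qt-users-jp" names the organisation, while the description gives the product as "qt-users-jp silk 0.0.1"; the other entries changed in this hunk are tagged by product (dd-plist, generator-hottowel, api-umbrella-web). Suggest "NOT-FOR-US: qt-users-jp silk" so the entry matches a search for the product name. CVE-2019-25104 (rtcwcoop) at the top of the hunk is still left as "TODO: check".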
@@ -1192,7 +1192,7 @@ CVE-2023-25807
 CVE-2023-25806
        RESERVED
 CVE-2023-25805 (versionn, software for changing version information across 
multiple fi ...)
-       TODO: check
+       NOT-FOR-US: Node versionn
 CVE-2023-25804
        RESERVED
 CVE-2023-25803
@@ -1847,7 +1847,7 @@ CVE-2023-25658
 CVE-2023-25657
        RESERVED
 CVE-2023-25656 (notation-go is a collection of libraries for supporting 
Notation sign, ...)
-       TODO: check
+       NOT-FOR-US: notation-go
 CVE-2023-25655
        RESERVED
 CVE-2023-25654
@@ -4803,7 +4803,7 @@ CVE-2020-36658 (In Apache::Session::LDAP before 0.5, 
validity of the X.509 certi
 CVE-2023-24576 (EMC NetWorker may potentially be vulnerable to an 
unauthenticated remo ...)
        NOT-FOR-US: EMC
 CVE-2023-24575 (Dell Multifunction Printer E525w Driver and Software Suite, 
versions p ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2023-24574 (Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains 
an "Unc ...)
        NOT-FOR-US: Dell
 CVE-2023-24573 (Dell Command | Monitor versions prior to 10.9 contain an 
arbitrary fol ...)
@@ -8113,9 +8113,9 @@ CVE-2023-23454 (cbq_classify in net/sched/sch_cbq.c in 
the Linux kernel through
        - linux 6.1.7-1
        NOTE: 
https://git.kernel.org/linus/caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12
 CVE-2023-23453 (Missing Authentication for Critical Function in SICK FX0-GENT 
v3 Firmw ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-23452 (Missing Authentication for Critical Function in SICK FX0-GPNT 
v3 Firmw ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-23451
        RESERVED
 CVE-2023-23450
@@ -22497,7 +22497,7 @@ CVE-2022-3903 (An incorrect read request flaw was found 
in the Infrared Transcei
 CVE-2022-3902 (An issue has been discovered in GitLab affecting all versions 
starting ...)
        - gitlab <unfixed>
 CVE-2022-3901 (Prototype Pollution in Visioweb.js 1.10.6 allows attackers to 
execute  ...)
-       TODO: check
+       NOT-FOR-US: Visioweb.js
 CVE-2022-3900 (The Cooked Pro WordPress plugin before 1.7.5.7 does not 
properly valid ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45058
@@ -47029,7 +47029,7 @@ CVE-2020-36560 (Due to improper path santization, 
archives containing relative f
 CVE-2020-36559 (Due to improper santization of user input, HTTPEngine.Handle 
allows fo ...)
        TODO: check
 CVE-2019-25072 (Due to support of Gzip compression in request bodies, as well 
as a lac ...)
-       TODO: check
+       - tendermint-go-common <removed>
 CVE-2018-25046 (Due to improper path santization, archives containing relative 
file pa ...)
        NOT-FOR-US: GO code.cloudfoundry.org/archiver
 CVE-2017-20146 (Usage of the CORS handler may apply improper CORS headers, 
allowing th ...)
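Review bot: The CVE-2019-25072 change is not an NFU: it replaces "TODO: check" with the package entry "- tendermint-go-common <removed>", which the commit message "NFUs" does not cover. Either split it into its own commit or mention it in the message, and consider adding a NOTE line with the reference that ties this CVE to the package, since the truncated description visible here does not name it. CVE-2020-36559 just above remains "TODO: check".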
@@ -78736,7 +78736,7 @@ CVE-2022-21144 (This affects all versions of package 
libxmljs. When invoking the
 CVE-2022-21129 (Versions of the package nemo-appium before 0.0.9 are 
vulnerable to Com ...)
        TODO: check
 CVE-2022-21126 (The package com.github.samtools:htsjdk before 3.0.1 are 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: com.github.samtools:htsjdk
 CVE-2022-21122 (The package metacalc before 0.0.2 are vulnerable to Arbitrary 
Code Exe ...)
        NOT-FOR-US: Node metacalc
 CVE-2022-0758 (Rapid7 Nexpose versions 6.6.129 and earlier suffer from a 
reflected cr ...)
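Review bot: "NOT-FOR-US: com.github.samtools:htsjdk" for CVE-2022-21126 uses the Maven coordinate as the tag, unlike the "NOT-FOR-US: Node metacalc" form on the next entry. Before settling on NFU, confirm that no source package in the archive ships htsjdk, because a later search by package name will not match the Maven coordinate. If it stays NFU, "NOT-FOR-US: htsjdk" would be the shorter and more searchable form.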



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a10ea4a58bddeeca5060654ae24ba0a55c0f49a0
