[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 09 Mar 2023 01:18:19 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d2ebeb82 by Salvatore Bonaccorso at 2023-03-09T10:17:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1483,7 +1483,7 @@ CVE-2023-27478 (libmemcached-awesome is an open source 
C/C++ client library and
        NOTE: Introduced with: 
https://github.com/awesomized/libmemcached/commit/d7a0084bf99d618d1dc26a54fd413db7ae8b8e63
 (1.1.0-beta1)
        NOTE: Fixed by: 
https://github.com/awesomized/libmemcached/commit/48dcc61a4919f6f3d5ee164630a843f2d8b8ade9
 (1.1.4)
 CVE-2023-27477 (wasmtime is a fast and secure runtime for WebAssembly. 
Wasmtime's code ...)
-       TODO: check
+       NOT-FOR-US: wasmtime
 CVE-2023-27476 (OWSLib is a Python package for client programming with Open 
Geospatial ...)
        [experimental] - owslib 0.28.1-1~exp1
        - owslib <unfixed>
@@ -2494,7 +2494,7 @@ CVE-2023-27090
 CVE-2023-27089
        RESERVED
 CVE-2023-27088 (feiqu-opensource Background Vertical authorization 
vulnerability exist ...)
-       TODO: check
+       NOT-FOR-US: feiqu-opensource Background Vertical
 CVE-2023-27087
        RESERVED
 CVE-2023-27086
@@ -2758,7 +2758,7 @@ CVE-2023-26958
 CVE-2023-26957
        RESERVED
 CVE-2023-26956 (onekeyadmin v1.3.9 was discovered to contain an arbitrary file 
read vu ...)
-       TODO: check
+       NOT-FOR-US: onekeyadmin
 CVE-2023-26955 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
        NOT-FOR-US: onekeyadmin
 CVE-2023-26954 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
@@ -2766,15 +2766,15 @@ CVE-2023-26954 (onekeyadmin v1.3.9 was discovered to 
contain a stored cross-site
 CVE-2023-26953 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
        NOT-FOR-US: onekeyadmin
 CVE-2023-26952 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
-       TODO: check
+       NOT-FOR-US: onekeyadmin
 CVE-2023-26951
        RESERVED
 CVE-2023-26950 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
-       TODO: check
+       NOT-FOR-US: onekeyadmin
 CVE-2023-26949 (An arbitrary file upload vulnerability in the component 
/admin1/config ...)
        NOT-FOR-US: onekeyadmin
 CVE-2023-26948 (onekeyadmin v1.3.9 was discovered to contain an arbitrary file 
read vu ...)
-       TODO: check
+       NOT-FOR-US: onekeyadmin
 CVE-2023-26947
        RESERVED
 CVE-2023-26946
@@ -3843,7 +3843,7 @@ CVE-2023-26491 (RSSHub is an open source and extensible 
RSS feed generator. When
 CVE-2023-26490 (mailcow is a dockerized email package, with multiple 
containers linked ...)
        NOT-FOR-US: mailcow
 CVE-2023-26489 (wasmtime is a fast and secure runtime for WebAssembly. In 
affected ver ...)
-       TODO: check
+       NOT-FOR-US: wasmtime
 CVE-2023-26488 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
        NOT-FOR-US: OpenZeppelin
 CVE-2023-26487 (Vega is a visualization grammar, a declarative format for 
creating, sa ...)
@@ -8771,7 +8771,7 @@ CVE-2023-24784
 CVE-2023-24783
        RESERVED
 CVE-2023-24782 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Funadmin
 CVE-2023-24781 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
        NOT-FOR-US: Funadmin
 CVE-2023-24780 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
@@ -8781,7 +8781,7 @@ CVE-2023-24779
 CVE-2023-24778
        RESERVED
 CVE-2023-24777 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Funadmin
 CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code 
execution (RCE ...)
        NOT-FOR-US: Funadmin
 CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
@@ -10234,7 +10234,7 @@ CVE-2023-24284
 CVE-2023-24283
        RESERVED
 CVE-2023-24282 (An arbitrary file upload vulnerability in Poly Trio 8800 
7.2.2.1094 al ...)
-       TODO: check
+       NOT-FOR-US: Poly Trio 8800
 CVE-2023-24281
        RESERVED
 CVE-2023-24280



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2ebeb826bbe84b865e402c53ce99fe2d2d28a43

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2ebeb826bbe84b865e402c53ce99fe2d2d28a43
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to