[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 11 Mar 2023 12:17:10 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f0d74f05 by Salvatore Bonaccorso at 2023-03-11T21:16:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -827,13 +827,13 @@ CVE-2023-27855
 CVE-2023-27854
        RESERVED
 CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and 
prior ve ...)
-       TODO: check
+       NOT-FOR-US: OpenHarmony
 CVE-2023-25076
        RESERVED
 CVE-2023-24465 (Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and 
prior vers ...)
-       TODO: check
+       NOT-FOR-US: OpenHarmony
 CVE-2023-1246 (Files or Directories Accessible to External Parties 
vulnerability in S ...)
-       TODO: check
+       NOT-FOR-US: Saysis Starcities
 CVE-2023-1245 (Cross-site Scripting (XSS) - Stored in GitHub repository 
answerdev/ans ...)
        NOT-FOR-US: Answer
 CVE-2023-1244 (Cross-site Scripting (XSS) - Stored in GitHub repository 
answerdev/ans ...)
@@ -985,7 +985,7 @@ CVE-2023-1200 (A vulnerability was found in ehuacui bbs. It 
has been declared as
 CVE-2023-1199
        RESERVED
 CVE-2023-1198 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Saysis Starcities
 CVE-2023-1197 (Cross-site Scripting (XSS) - Stored in GitHub repository 
uvdesk/commun ...)
        NOT-FOR-US: UVdesk
 CVE-2023-1196
@@ -1628,7 +1628,7 @@ CVE-2023-27579
 CVE-2023-27578
        RESERVED
 CVE-2023-27577 (flarum is a forum software package for building communities. 
In versio ...)
-       TODO: check
+       NOT-FOR-US: Flarum
 CVE-2023-27576
        RESERVED
 CVE-2023-27575
@@ -1810,7 +1810,7 @@ CVE-2023-27534
 CVE-2023-27533
        RESERVED
 CVE-2023-27532 (Vulnerability in Veeam Backup &amp; Replication component 
allows encry ...)
-       TODO: check
+       NOT-FOR-US: Veeam
 CVE-2023-27531
        RESERVED
 CVE-2023-27530 (A DoS vulnerability exists in Rack &lt;v3.0.4.2, &lt;v2.2.6.3, 
&lt;v2. ...)
@@ -2424,7 +2424,7 @@ CVE-2023-1093
 CVE-2023-1092
        RESERVED
 CVE-2023-1091 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Alpata Licensed Warehousing Automation System
 CVE-2023-1090
        RESERVED
 CVE-2023-1089
@@ -7087,7 +7087,7 @@ CVE-2023-0748 (Open Redirect in GitHub repository 
btcpayserver/btcpayserver prio
 CVE-2023-0747 (Cross-site Scripting (XSS) - Stored in GitHub repository 
btcpayserver/ ...)
        NOT-FOR-US: btcpayserver
 CVE-2023-0746 (The help page in GigaVUE-FM, when using GigaVUE-OS software 
version 5. ...)
-       TODO: check
+       NOT-FOR-US: GigaVUE-FM
 CVE-2023-0745 (Relative Path Traversal vulnerability in YugaByte, Inc. 
Yugabyte Manag ...)
        - yugabyte-db <itp> (bug #989673)
 CVE-2022-48321 (Limited Server-Side Request Forgery (SSRF) in agent-receiver 
in Tribe2 ...)
@@ -15655,9 +15655,9 @@ CVE-2023-22634
 CVE-2023-22633
        RESERVED
 CVE-2023-22436 (The kernel subsystem function check_permission_for_set_tokenid 
within  ...)
-       TODO: check
+       NOT-FOR-US: OpenHarmony
 CVE-2023-22301 (The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior 
version ...)
-       TODO: check
+       NOT-FOR-US: OpenHarmony
 CVE-2023-22291
        RESERVED
 CVE-2023-0091 (A flaw was found in Keycloak, where it did not properly check 
client t ...)
@@ -15673,7 +15673,7 @@ CVE-2023-0085 (The Metform Elementor Contact Form 
Builder plugin for WordPress i
 CVE-2023-0084 (The Metform Elementor Contact Form Builder plugin for WordPress 
is vul ...)
        NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
 CVE-2023-0083 (The ArKUI framework subsystem within OpenHarmony-v3.1.5 and 
prior vers ...)
-       TODO: check
+       NOT-FOR-US: OpenHarmony
 CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not 
validate and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not 
validate a ...)
@@ -30116,7 +30116,7 @@ CVE-2022-44576 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
 CVE-2022-44575 (A vulnerability has been identified in PLM Help Server V4.2 
(All versi ...)
        NOT-FOR-US: Siemens
 CVE-2022-44574 (An improper authentication vulnerability exists in Avalanche 
version 6 ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2022-44573
        RESERVED
 CVE-2022-44572 (A denial of service vulnerability in the multipart parsing 
component o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d74f0525a1420c10ff5b12486428f18cb9cc29

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d74f0525a1420c10ff5b12486428f18cb9cc29
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to