Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
145caeb1 by Moritz Muehlenhoff at 2023-03-20T16:13:53+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,17 +5,17 @@ CVE-2016-15029
 CVE-2012-10009
        RESERVED
 CVE-2023-1501 (A vulnerability, which was classified as critical, was found in 
RockOA ...)
-       TODO: check
+       NOT-FOR-US: RockOA
 CVE-2023-1500 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Simple Art Gallery
 CVE-2023-1499 (A vulnerability classified as critical was found in 
code-projects Simp ...)
-       TODO: check
+       NOT-FOR-US: Simple Art Gallery
 CVE-2023-1498 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: Responsive Hotel Site
 CVE-2023-1497 (A vulnerability was found in SourceCodester Simple and Nice 
Shopping C ...)
        NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script
 CVE-2023-1496 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
imgproxy/i ...)
-       TODO: check
+       NOT-FOR-US: imgproxy
 CVE-2023-28617 (org-babel-execute:latex in ob-latex.el in Org Mode through 
9.6.1 for G ...)
        - org-mode <unfixed>
        [bullseye] - org-mode <no-dsa> (Minor issue)
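Review bot: The new tags on CVE-2023-1499 and CVE-2023-1498 drop the vendor, although both descriptions name "code-projects" and the existing CVE-2023-1497 entry in this hunk keeps its vendor prefix ("SourceCodester Simple and Nice Shopping Cart Script"). "Simple Art Gallery" and "Responsive Hotel Site" are generic enough that a later grep will be ambiguous; suggest "NOT-FOR-US: code-projects Simple Art Gallery" and "NOT-FOR-US: code-projects Responsive Hotel Site", and the same form for CVE-2023-1500 once its vendor is confirmed, since its description is cut off at "has been found i ...".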
@@ -63,7 +63,7 @@ CVE-2023-1486 (A vulnerability classified as problematic was 
found in Lespeed Wi
 CVE-2023-1485 (A vulnerability classified as problematic has been found in 
SourceCode ...)
        NOT-FOR-US: SourceCodester Young Entrepreneur E-Negosyo System
 CVE-2022-4933 (A vulnerability, which was classified as critical, has been 
found in A ...)
-       TODO: check
+       NOT-FOR-US: Dolibarr module
 CVE-2022-48422 (ONLYOFFICE Docs through 7.3 on certain Linux distributions 
allows loca ...)
        NOT-FOR-US: ONLYOFFICE
 CVE-2021-46877 (jackson-databind 2.10.x through 2.12.x before 2.12.6 and 
2.13.x before ...)
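Review bot: "NOT-FOR-US: Dolibarr module" on CVE-2022-4933 does not say which module is meant, and the description is truncated at "found in A ...", so the tag is the only place a reader of the list would learn the name. Suggest naming the module in the tag, the way the neighbouring entries spell out the full product ("SourceCodester Young Entrepreneur E-Negosyo System").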
@@ -74,7 +74,7 @@ CVE-2021-46877 (jackson-databind 2.10.x through 2.12.x before 
2.12.6 and 2.13.x
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
 (jackson-databind-2.12.6)
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
 (jackson-databind-3.13.1)
 CVE-2015-10096 (A vulnerability, which was classified as critical, was found 
in Zarthu ...)
-       TODO: check
+       NOT-FOR-US: Zarthus IRC Twitter Announcer Bot
 CVE-2023-28608
        RESERVED
 CVE-2023-28607 (js/event-graph.js in MISP before 2.4.169 allows XSS via the 
event-grap ...)
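Review bot: Not introduced by this change, but the context lines for CVE-2021-46877 carry two NOTE entries with the identical commit URL (3ccde7d938fea547e598fdefe9a82cff37fed5cb), labelled jackson-databind-2.12.6 and jackson-databind-3.13.1, while the description speaks of 2.12.x and 2.13.x. The second label looks like a typo and the second URL should be checked against the 2.13 branch; worth a follow-up commit. The CVE-2015-10096 tag itself reads fine.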
@@ -379,7 +379,7 @@ CVE-2023-1456
 CVE-2023-1455 (A vulnerability classified as critical was found in 
SourceCodester Onl ...)
        NOT-FOR-US: SourceCodester Online Pizza Ordering System
 CVE-2023-1454 (A vulnerability classified as critical has been found in 
jeecg-boot 3. ...)
-       TODO: check
+       NOT-FOR-US: jeecg-boot
 CVE-2023-1453 (A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It 
has bee ...)
        NOT-FOR-US: Watchdog Anti-Virus
 CVE-2023-1452 (A vulnerability was found in GPAC 
2.3-DEV-rev35-gbbca86917-master. It  ...)
@@ -387,9 +387,9 @@ CVE-2023-1452 (A vulnerability was found in GPAC 
2.3-DEV-rev35-gbbca86917-master
        NOTE: https://github.com/gpac/gpac/issues/2386
        NOTE: 
https://github.com/gpac/gpac/commit/a5efec8187de02d1f0a412140b0bf030a6747d3f
 CVE-2023-1451 (A vulnerability was found in MP4v2 2.1.2. It has been 
classified as pr ...)
-       TODO: check
+       NOT-FOR-US: MP4v2
 CVE-2023-1450 (A vulnerability was found in MP4v2 2.1.2 and classified as 
problematic ...)
-       TODO: check
+       NOT-FOR-US: MP4v2
 CVE-2023-1449 (A vulnerability has been found in GPAC 
2.3-DEV-rev35-gbbca86917-master ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/2387
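Review bot: CVE-2023-1451 and CVE-2023-1450 are closed as NOT-FOR-US, while the GPAC entries on either side are tracked with a package line and upstream NOTE links. Before closing both, confirm that no source package ships or embeds MP4v2; if one does, a package line in the same form as "- gpac <unfixed>" is the right entry rather than NOT-FOR-US.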
@@ -1696,15 +1696,15 @@ CVE-2023-28115 (Snappy is a PHP library allowing 
thumbnail, snapshot or PDF gene
 CVE-2023-28114
        RESERVED
 CVE-2023-28113 (russh is a Rust SSH client and server library. Starting in 
version 0.3 ...)
-       TODO: check
+       NOT-FOR-US: russh
 CVE-2023-28112 (Discourse is an open-source discussion platform. Prior to 
version 3.1. ...)
        NOT-FOR-US: Discourse
 CVE-2023-28111 (Discourse is an open-source discussion platform. Prior to 
version 3.1. ...)
        NOT-FOR-US: Discourse
 CVE-2023-28110 (Jumpserver is a popular open source bastion host, and Koko is 
a Jumpse ...)
-       TODO: check
+       NOT-FOR-US: Jumpserver
 CVE-2023-28109 (Play With Docker is a browser-based Docker playground. 
Versions 0.0.2  ...)
-       TODO: check
+       NOT-FOR-US: Play with Docker
 CVE-2023-28108 (Pimcore is an open source data and experience management 
platform. Pri ...)
        NOT-FOR-US: Pimcore
 CVE-2023-28107 (Discourse is an open-source discussion platform. Prior to 
version 3.0. ...)
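Review bot: The tag on CVE-2023-28109 reads "Play with Docker" while the description spells the product "Play With Docker"; matching the upstream capitalisation keeps tag searches consistent. On CVE-2023-28113, the description calls russh a Rust library, so it is worth confirming that no packaged crate carries it before settling on NOT-FOR-US.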
@@ -1714,7 +1714,7 @@ CVE-2023-28106 (Pimcore is an open source data and 
experience management platfor
 CVE-2023-28105 (go-used-util has commonly used utility functions for Go. 
Versions prio ...)
        TODO: check
 CVE-2023-28104 (`silverstripe/graphql` serves Silverstripe data as GraphQL 
representat ...)
-       TODO: check
+       NOT-FOR-US: silverstripe/graphql
 CVE-2023-28103
        RESERVED
 CVE-2023-28102
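Review bot: CVE-2023-28105 (go-used-util), directly above the changed entry, stays at "TODO: check" while the neighbouring CVE-2023-28104 is triaged in this pass. If it was skipped on purpose that is fine; if it was looked at and is equally out of scope, tag it in the same commit so it does not need a second pass.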
@@ -3239,9 +3239,9 @@ CVE-2023-27594 (Cilium is a networking, observability, 
and security solution wit
 CVE-2023-27593 (Cilium is a networking, observability, and security solution 
with an e ...)
        - cilium <itp> (bug #858303)
 CVE-2023-27592 (Miniflux is a feed reader. Since v2.0.25, Miniflux will 
automatically  ...)
-       TODO: check
+       NOT-FOR-US: Miniflux
 CVE-2023-27591 (Miniflux is a feed reader. Prior to version 2.0.43, an 
unauthenticated ...)
-       TODO: check
+       NOT-FOR-US: Miniflux
 CVE-2023-27590 (Rizin is a UNIX-like reverse engineering framework and 
command-line to ...)
        NOT-FOR-US: Rizin
 CVE-2023-27589 (Minio is a Multi-Cloud Object Storage framework. Starting with 
RELEASE ...)
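Review bot: Both Miniflux entries go from TODO to NOT-FOR-US, while the Cilium entry just above is tracked as "- cilium <itp> (bug #858303)". If an ITP or RFP bug exists for Miniflux, the same "<itp>" form is the better fit, because a NOT-FOR-US entry has to be revisited by hand if the package later enters the archive.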



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/145caeb1a8698c15c2f7892d32b9fe9abe732bfe
