[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 12 Apr 2023 14:02:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
68dfd1e7 by Salvatore Bonaccorso at 2023-04-12T23:01:55+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9830,7 +9830,7 @@ CVE-2023-27218
 CVE-2023-27217
        RESERVED
 CVE-2023-27216 (An issue found in D-Link DSL-3782 v.1.03 allows remote 
authenticated u ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-27215
        RESERVED
 CVE-2023-27214 (Online Student Management System v1.0 was discovered to 
contain multip ...)
@@ -10219,7 +10219,7 @@ CVE-2023-27034 (PrestaShop jmsblog 2.5.5 was discovered 
to contain a SQL injecti
 CVE-2023-27033 (Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to 
contain a code ...)
        NOT-FOR-US: Prestashop cdesigner
 CVE-2023-27032 (Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was 
discovered to c ...)
-       TODO: check
+       NOT-FOR-US: Prestashop advancedpopupcreator
 CVE-2023-27031
        RESERVED
 CVE-2023-27030
@@ -18249,9 +18249,9 @@ CVE-2023-24184 (TOTOLink A7100RU V7.4cu.2313_B20191024 
was discovered to contain
 CVE-2023-24183
        RESERVED
 CVE-2023-24182 (LuCI openwrt-22.03 branch git-22.361.69894-438c598 was 
discovered to c ...)
-       TODO: check
+       NOT-FOR-US: LuCI openwrt
 CVE-2023-24181 (LuCI openwrt-22.03 branch git-22.361.69894-438c598 was 
discovered to c ...)
-       TODO: check
+       NOT-FOR-US: LuCI openwrt
 CVE-2023-24180 (Libelfin v0.3 was discovered to contain an integer overflow in 
the loa ...)
        - libelfin <unfixed> (bug #1033741)
        [bookworm] - libelfin <no-dsa> (Minor issue)
@@ -20057,7 +20057,7 @@ CVE-2023-23593
 CVE-2023-23592 (WALLIX Access Manager 3.x through 4.0.x allows a remote 
attacker to ac ...)
        NOT-FOR-US: WALLIX Access Manager
 CVE-2023-23591 (The Logback component in Terminalfour before 8.3.14.1 allows 
OS admini ...)
-       TODO: check
+       NOT-FOR-US: Terminalfour
 CVE-2023-0302 (Failure to Sanitize Special Elements into a Different Plane 
(Special E ...)
        - radare2 <unfixed> (bug #1029037)
        NOTE: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
@@ -23367,7 +23367,7 @@ CVE-2023-22617 (A remote attacker might be able to 
cause infinite recursion in P
        NOTE: https://downloads.powerdns.com/patches/2023-01/
        NOTE: https://github.com/PowerDNS/pdns/pull/12442
 CVE-2023-22616 (An issue was discovered in Insyde InsydeH2O with kernel 5.2 
through 5. ...)
-       TODO: check
+       NOT-FOR-US: Insyde
 CVE-2023-22615 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with 
kernel 5. ...)
        NOT-FOR-US: Insyde
 CVE-2023-22614 (An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O 
with kern ...)
@@ -26180,7 +26180,7 @@ CVE-2022-47607 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
 CVE-2022-47606
        RESERVED
 CVE-2022-47605 (Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 
Pro plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47604
        RESERVED
 CVE-2022-47603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
wpdevart ...)
@@ -40885,11 +40885,11 @@ CVE-2023-0008
 CVE-2023-0007
        RESERVED
 CVE-2023-0006 (A local file deletion vulnerability in the Palo Alto Networks 
GlobalPr ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2023-0005 (A vulnerability in Palo Alto Networks PAN-OS software enables 
an authe ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2023-0004 (A local file deletion vulnerability in Palo Alto Networks 
PAN-OS softw ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2023-0003 (A file disclosure vulnerability in the Palo Alto Networks 
Cortex XSOAR ...)
        NOT-FOR-US: Palo Alto
 CVE-2023-0002 (A problem with a protection mechanism in the Palo Alto Networks 
Cortex ...)
@@ -96253,7 +96253,7 @@ CVE-2022-24352 (This vulnerability allows 
network-adjacent attackers to execute
 CVE-2022-24351
        RESERVED
 CVE-2022-24350 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with 
kernel 5. ...)
-       TODO: check
+       NOT-FOR-US: Insyde
 CVE-2022-24349 (An authenticated user can create a link with reflected XSS 
payload for ...)
        {DLA-3390-1 DLA-2980-1}
        - zabbix 1:6.0.7+dfsg-2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68dfd1e7b2e896a1ef3469213db1773a66eeae72

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68dfd1e7b2e896a1ef3469213db1773a66eeae72
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to