[Git][security-tracker-team/security-tracker][master] Process NFUs

Mon, 17 Apr 2023 13:21:40 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
505adad3 by Salvatore Bonaccorso at 2023-04-17T22:21:01+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85,9 +85,9 @@ CVE-2023-30773
 CVE-2023-30771 (Incorrect Authorization vulnerability in Apache Software 
Foundation Ap ...)
        NOT-FOR-US: Apache IoTDB
 CVE-2015-10103 (A vulnerability, which was classified as problematic, was 
found in Int ...)
-       TODO: check
+       NOT-FOR-US: InternalError503 Forget It
 CVE-2015-10102 (A vulnerability, which was classified as critical, has been 
found in F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2015-10101 (A vulnerability classified as problematic was found in Google 
Analytic ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-2107 (A vulnerability, which was classified as critical, was found in 
IBOS 4 ...)
@@ -705,7 +705,7 @@ CVE-2023-2019
 CVE-2023-2018
        RESERVED
 CVE-2023-2017 (Server-side Template Injection (SSTI) in Shopware 6 (<= 
v6.4.20.0,  ...)
-       TODO: check
+       NOT-FOR-US: Shopware
 CVE-2023-2016
        RESERVED
 CVE-2023-2015
@@ -2736,7 +2736,7 @@ CVE-2023-29667
 CVE-2023-29666
        RESERVED
 CVE-2023-29665 (D-Link DIR823G_V1.0.2B05 was discovered to contain a stack 
overflow vi ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-29664
        RESERVED
 CVE-2023-29663
@@ -3642,7 +3642,7 @@ CVE-2023-1875
 CVE-2023-1874 (The WP Data Access plugin for WordPress is vulnerable to 
privilege esc ...)
        NOT-FOR-US: WP Data Access plugin for WordPress
 CVE-2023-1873 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Faturamatik Bircard
 CVE-2023-1872 (A use-after-free vulnerability in the Linux Kernel io_uring 
system can ...)
        - linux 5.17.3-1
        [buster] - linux <not-affected> (Vulnerable code introduced later)
@@ -4710,7 +4710,7 @@ CVE-2023-1725 (Server-Side Request Forgery (SSRF) 
vulnerability in Infoline Proj
 CVE-2023-1724
        RESERVED
 CVE-2023-1723 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Veragroup Mobile Assistant
 CVE-2023-1722
        RESERVED
 CVE-2023-1721
@@ -8947,7 +8947,7 @@ CVE-2023-27846
 CVE-2023-27845
        RESERVED
 CVE-2023-27844 (SQL injection vulnerability found in PrestaShopleurlrewrite 
v.1.0 and  ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2023-27843
        RESERVED
 CVE-2023-27842 (Insecure Permissions vulnerability found in Extplorer File 
manager eXt ...)
@@ -9190,7 +9190,7 @@ CVE-2023-27735
 CVE-2023-27734 (An issue found in Eteran edb-debugger v.1.3.0 allows a local 
attacker  ...)
        NOT-FOR-US: Eteran edb-debugger
 CVE-2023-27733 (DedeCMS v5.7.106 was discovered to contain a SQL injection 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2023-27732
        RESERVED
 CVE-2023-27731
@@ -10220,7 +10220,7 @@ CVE-2023-22658
 CVE-2023-22435
        RESERVED
 CVE-2023-1109 (In Phoenix Contacts ENERGY AXC PU Web service an authenticated 
restric ...)
-       TODO: check
+       NOT-FOR-US: Phoenix Contacts ENERGY AXC PU Web service
 CVE-2023-1108
        RESERVED
        - undertow <unfixed> (bug #1033253)
@@ -15480,7 +15480,7 @@ CVE-2023-25506
 CVE-2023-25505
        RESERVED
 CVE-2023-25504 (A malicious actor who has been authenticated and granted 
specific perm ...)
-       TODO: check
+       NOT-FOR-US: Apache Superset
 CVE-2023-25503
        RESERVED
 CVE-2023-25502
@@ -37026,7 +37026,7 @@ CVE-2022-44728
 CVE-2022-44727 (The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 
for Pres ...)
        NOT-FOR-US: PrestaShop module
 CVE-2022-44726 (The TouchDown Timesheet tracking component 4.1.4 for Jira 
allows XSS i ...)
-       TODO: check
+       NOT-FOR-US: TouchDown Timesheet tracking component for Jira
 CVE-2022-44725 (OPC Foundation Local Discovery Server (LDS) through 
1.04.403.478 uses  ...)
        NOT-FOR-US: OPC Foundation Local Discovery Server (LDS)
 CVE-2022-44724 (The Handy Tip macro in Stiltsoft Handy Macros for Confluence 
Server/Da ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505adad3c8d18ef1e46eab9803cd2d3c4f92307e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505adad3c8d18ef1e46eab9803cd2d3c4f92307e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to