Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b4a79e46 by Salvatore Bonaccorso at 2023-09-07T21:22:55+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,20 +5,20 @@ CVE-2023-4792 (The Duplicate Post Page Menu & Custom Post
Type plugin for WordPr
CVE-2023-4772 (The Newsletter plugin for WordPress is vulnerable to Stored
Cross-Site ...)
NOT-FOR-US: Newsletter plugin for WordPress
CVE-2023-41329 (WireMock is a tool for mocking HTTP services. The proxy mode
of WireMo ...)
- TODO: check
+ NOT-FOR-US: WireMock
CVE-2023-41327 (WireMock is a tool for mocking HTTP services. WireMock can be
configur ...)
- TODO: check
+ NOT-FOR-US: WireMock
CVE-2023-41053 (Redis is an in-memory database that persists on disk. Redis
does not c ...)
- redis <unfixed>
NOTE:
https://github.com/redis/redis/commit/9e505e6cd842338424e05883521ca1fb7d0f47f6
(7.2.1)
NOTE:
https://github.com/redis/redis/commit/0f14d3279212e1b262869b6160db87d6f117cff5
(7.0.13)
NOTE:
https://github.com/redis/redis/security/advisories/GHSA-q4jr-5p56-4xwc
CVE-2023-40397 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-40392 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-39967 (WireMock is a tool for mocking HTTP services. When certain
request URL ...)
- TODO: check
+ NOT-FOR-US: WireMock
CVE-2023-39956 (Electron is a framework which lets you write cross-platform
desktop ap ...)
- electron <itp> (bug #842420)
CVE-2023-39240 (It is identified a format string vulnerability in ASUS
RT-AX56U V2\u20 ...)
@@ -32,9 +32,9 @@ CVE-2023-39237 (ASUS RT-AC86U Traffic Analyzer - Apps
analysis function has insu
CVE-2023-39236 (ASUS RT-AC86U Traffic Analyzer - Statistic function has
insufficient f ...)
NOT-FOR-US: ASUS
CVE-2023-38616 (A race condition was addressed with improved state handling.
This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-38605 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-38033 (ASUS RT-AC86U unused Traffic Analyzer legacy Statistic
function has in ...)
NOT-FOR-US: ASUS
CVE-2023-38032 (ASUS RT-AC86U AiProtection security- related function has
insufficient ...)
@@ -82,13 +82,13 @@ CVE-2023-41330 (knplabs/knp-snappy is a PHP library
allowing thumbnail, snapshot
CVE-2023-41328 (Frappe is a low code web framework written in Python and
Javascript. A ...)
NOT-FOR-US: Frappe Framework
CVE-2023-41319 (Fides is an open-source privacy engineering platform for
managing the ...)
- TODO: check
+ NOT-FOR-US: Fides
CVE-2023-41150 (F-RevoCRM 7.3 series prior to version7.3.8 contains a
cross-site scrip ...)
NOT-FOR-US: F-RevoCRM
CVE-2023-41149 (F-RevoCRM version7.3.7 and version7.3.8 contains an OS command
injecti ...)
NOT-FOR-US: F-RevoCRM
CVE-2023-41050 (AccessControl provides a general security framework for use in
Zope. P ...)
- TODO: check
+ NOT-FOR-US: Zope
CVE-2023-40601 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Estatik ...)
NOT-FOR-US: WordPress plugin
CVE-2023-40591 (go-ethereum (geth) is a golang execution layer implementation
of the E ...)
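Review bot: CVE-2023-41050 is tagged "NOT-FOR-US: Zope", but its description names AccessControl as the affected component ("AccessControl provides a general security framework for use in Zope"), so the tag points at the framework that consumes it rather than at the code being ruled out. Suggest naming the component in the tag, for example "NOT-FOR-US: AccessControl for Zope", after confirming that no source package in the archive ships AccessControl. The other tags visible in this hunk (Fides, Frappe Framework, F-RevoCRM) name the affected product directly.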
@@ -25041,21 +25041,21 @@ CVE-2019-25107
CVE-2019-25106
RESERVED
CVE-2023-28215 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28214 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28213 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28212 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28211 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28210 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28209 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28208 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28207
RESERVED
CVE-2023-28206 (An out-of-bounds write issue was addressed with improved input
validat ...)
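Review bot: the seven entries CVE-2023-28209 through CVE-2023-28215 carry the same truncated description ("A buffer overflow issue was addressed with improved memory handling. T ..."), so nothing visible in data/CVE/list distinguishes them or shows which component each one affects, yet all of them move from "TODO: check" to "NOT-FOR-US: Apple" in one batch. Each should be checked against its full CVE description to confirm the affected component is not something shipped in a Debian source package, because the vendor-level tag takes the entry off the TODO list without recording which product was examined.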
@@ -25091,7 +25091,7 @@ CVE-2023-28197
CVE-2023-28196
RESERVED
CVE-2023-28195 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28194 (The issue was addressed with improved checks. This issue is
fixed in i ...)
NOT-FOR-US: Apple
CVE-2023-28193
@@ -25105,9 +25105,9 @@ CVE-2023-28190 (A privacy issue was addressed by moving
sensitive data to a more
CVE-2023-28189 (The issue was addressed with improved checks. This issue is
fixed in m ...)
NOT-FOR-US: Apple
CVE-2023-28188 (A denial-of-service issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28187 (This issue was addressed with improved state management. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28186
RESERVED
CVE-2023-28185
@@ -25960,7 +25960,7 @@ CVE-2023-27952 (A race condition was addressed with
improved locking. This issue
CVE-2023-27951 (The issue was addressed with improved checks. This issue is
fixed in m ...)
NOT-FOR-US: Apple
CVE-2023-27950 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-27949 (An out-of-bounds read was addressed with improved input
validation. Th ...)
NOT-FOR-US: Apple
CVE-2023-27948 (An out-of-bounds read was addressed with improved input
validation. Th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4a79e46a2f4715a7936558b5982030da4592d93