Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
71a110bf by Salvatore Bonaccorso at 2023-09-08T22:23:18+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
CVE-2023-4843 (Pega Platform versions 7.1 to 8.8.3 are affected by an HTML
Injection ...)
- TODO: check
+ NOT-FOR-US: Pega Platform
CVE-2023-4782 (Terraform version 1.0.8 through 1.5.6 allows arbitrary file
write duri ...)
TODO: check
CVE-2023-4777 (An incorrect permission check in Qualys Container Scanning
Connector P ...)
- TODO: check
+ NOT-FOR-US: Qualys Container Scanning Connector Plugin
CVE-2023-42268 (Jeecg boot up to v3.5.3 was discovered to contain a SQL
injection vuln ...)
- TODO: check
+ NOT-FOR-US: JeecgBoot
CVE-2023-41578 (Jeecg boot up to v3.5.3 was discovered to contain an arbitrary
file re ...)
- TODO: check
+ NOT-FOR-US: JeecgBoot
CVE-2023-41575 (Multiple stored cross-site scripting (XSS) vulnerabilities in
/bbdms/s ...)
- TODO: check
+ NOT-FOR-US: Blood Bank & Donor Management
CVE-2023-41338 (Fiber is an Express inspired web framework built in the go
language. V ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2023-41318 (matrix-media-repo is a highly customizable multi-domain media
reposito ...)
TODO: check
CVE-2023-40924 (SolarView Compact < 6.00 is vulnerable to Directory Traversal.)
- TODO: check
+ NOT-FOR-US: SolarView Compact
CVE-2023-39712 (Multiple cross-site scripting (XSS) vulnerabilities in Free
and Open S ...)
- TODO: check
+ NOT-FOR-US: Free and Open Source Inventory Management System
CVE-2023-39676 (SimpleImportProduct Prestashop Module v1.0.0 was discovered to
contain ...)
- TODO: check
+ NOT-FOR-US: SimpleImportProduct Prestashop Module
CVE-2023-39584 (Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary
file re ...)
TODO: check
CVE-2023-39076 (Injecting random data into the USB memory area on a General
Motors (GM ...)
- TODO: check
+ NOT-FOR-US: General Motors (GM) Chevrolet Equinox
CVE-2023-38736 (IBM QRadar WinCollect Agent 10.0 through 10.1.6, when
installed to run ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-32332 (IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset
Management ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-4807 (Issue summary: The POLY1305 MAC (message authentication code)
implemen ...)
- openssl <not-affected> (Windows-specific)
NOTE: https://www.openssl.org/news/secadv/20230908.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71a110bf3a282a4f20e90442f230a20b5c747fe5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71a110bf3a282a4f20e90442f230a20b5c747fe5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
