Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ab643297 by Moritz Muehlenhoff at 2023-10-09T16:12:35+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,7 +85,7 @@ CVE-2023-40632 (In jpg driver, there is a possible use after
free due to a logic
CVE-2023-40631 (In Dialer, there is a possible missing permission check. This
could le ...)
NOT-FOR-US: Unisoc
CVE-2023-5182 (Sensitive data could be exposed in logs of subiquity version
23.09.1 a ...)
- TODO: check
+ NOT-FOR-US: Subiquity
CVE-2023-45322 (libxml2 through 2.11.5 has a use-after-free that can only
occur after ...)
- libxml2 <unfixed> (bug #1053629)
[bookworm] - libxml2 <no-dsa> (Minor issue)
@@ -119,7 +119,7 @@ CVE-2023-4530 (Improper Neutralization of Special Elements
used in an SQL Comman
CVE-2023-4469 (The Profile Extra Fields by BestWebSoft plugin for WordPress is
vulner ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45311 (fsevents before 1.2.11 depends on the
https://fsevents-binaries.s3-us- ...)
- TODO: check
+ NOT-FOR-US: fsevents
CVE-2023-45303 (ThingsBoard before 3.5 allows Server-Side Template Injection
if users ...)
NOT-FOR-US: ThingsBoard
CVE-2023-45282 (In NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype
polluti ...)
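Review bot: The "NOT-FOR-US: fsevents" line added under CVE-2023-45311 closes the entry on the package name alone, but the description says versions before 1.2.11 depend on an external fsevents-binaries download location, an issue that also applies to any vendored copy. Before dropping "TODO: check", confirm that no source package in the archive bundles fsevents older than 1.2.11; if one does, the CVE should be tracked against that package instead.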
@@ -131,7 +131,7 @@ CVE-2023-45245 (Sensitive information disclosure due to
missing authorization. T
CVE-2023-45244 (Sensitive information disclosure and manipulation due to
missing autho ...)
NOT-FOR-US: Acronis
CVE-2023-45239 (A lack of input validation exists in tac_plus prior to commit
4fdf178 ...)
- TODO: check
+ NOT-FOR-US: tac_plus
CVE-2023-44807 (D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in
the canc ...)
NOT-FOR-US: D-Link
CVE-2023-44771 (A Cross-Site Scripting (XSS) vulnerability in Zenario CMS
v.9.4.59197 ...)
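Review bot: The tag added for CVE-2023-45239, "NOT-FOR-US: tac_plus", names only the program, and the description pins the fix to a commit (4fdf178) rather than a release, so a later reader cannot tell which tac_plus code base was checked. Consider putting the upstream or vendor in the tag so the entry is not mistaken for another TACACS+ implementation.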
@@ -159,7 +159,7 @@ CVE-2023-44233 (Cross-Site Request Forgery (CSRF)
vulnerability in FooPlugins Be
CVE-2023-44146 (Cross-Site Request Forgery (CSRF) vulnerability in Checkfront
Inc. Che ...)
NOT-FOR-US: WordPress plugin
CVE-2023-43810 (OpenTelemetry, also known as OTel for short, is a
vendor-neutral open- ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry
CVE-2023-43058 (IBM Robotic Process Automation 23.0.9 is vulnerable to
privilege escal ...)
NOT-FOR-US: IBM
CVE-2023-42445 (Gradle is a build tool with a focus on build automation and
support fo ...)
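Review bot: "NOT-FOR-US: OpenTelemetry" under CVE-2023-43810 uses the umbrella project name, and the truncated description shown here does not say which OpenTelemetry component is affected. Naming the specific component in the tag would make it possible to re-check the decision if another OpenTelemetry package enters the archive.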
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab64329783d551fb08086f9a0161157a13bbd217
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits