Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a1169c86 by Salvatore Bonaccorso at 2023-12-12T21:52:47+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31768,7 +31768,7 @@ CVE-2023-31050
CVE-2023-31049
RESERVED
CVE-2023-31048 (The OPC UA .NET Standard Reference Server before 1.4.371.86.
places se ...)
- TODO: check
+ NOT-FOR-US: OPC UA .NET Standard Reference Server
CVE-2023-31047 (In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before
4.2.1, i ...)
{DLA-3415-1}
- python-django 3:3.2.19-1 (bug #1035467)
@@ -39511,7 +39511,7 @@ CVE-2023-28606 (js/event-graph.js in MISP before
2.4.169 allows XSS via event-gr
CVE-2023-28605
RESERVED
CVE-2023-28604 (The fluid_components (aka Fluid Components) extension before
3.5.0 for ...)
- TODO: check
+ NOT-FOR-US: TYPO3 extension
CVE-2023-1484 (A vulnerability was found in xzjie cms up to 1.0.3 and
classified as c ...)
NOT-FOR-US: xzjie cms
CVE-2023-1483 (A vulnerability has been found in XiaoBingBy TeaCMS up to 2.0.2
and cl ...)
@@ -62992,7 +62992,7 @@ CVE-2023-21742 (Microsoft SharePoint Server Remote Code
Execution Vulnerability)
CVE-2023-21741 (Microsoft Office Visio Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21740 (Windows Media Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-21739 (Windows Bluetooth Driver Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21738 (Microsoft Office Visio Remote Code Execution Vulnerability)
@@ -72907,7 +72907,7 @@ CVE-2022-44545
CVE-2022-44544 (Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04
before 22.04. ...)
- mahara <removed>
CVE-2022-44543 (The femanager extension before 5.5.2, 6.x before 6.3.3, and
7.x before ...)
- TODO: check
+ NOT-FOR-US: TYPO3 extension
CVE-2022-44542 (lesspipe before 2.06 allows attackers to execute code via Perl
Storabl ...)
NOT-FOR-US: lesspipe (not the same as lesspipe contained in src:less)
CVE-2022-44541
@@ -75449,7 +75449,7 @@ CVE-2023-20277
CVE-2023-20276
RESERVED
CVE-2023-20275 (A vulnerability in the AnyConnect SSL VPN feature of Cisco
Adaptive Se ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20274 (A vulnerability in the installer script of Cisco AppDynamics
PHP Agent ...)
NOT-FOR-US: Cisco
CVE-2023-20273 (A vulnerability in the web UI feature of Cisco IOS XE Software
could a ...)
@@ -267411,7 +267411,7 @@ CVE-2020-10678 (In Octopus Deploy before 2020.1.5,
for customers running on-prem
CVE-2020-10677
RESERVED
CVE-2020-10676 (In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an
incorrectly ap ...)
- TODO: check
+ NOT-FOR-US: Rancher
CVE-2020-10675 (The Library API in buger jsonparser through 2019-12-04 allows
attacker ...)
- golang-github-buger-jsonparser 0.0~git20200322.0.f7e751e-1 (bug
#954373)
[buster] - golang-github-buger-jsonparser <postponed> (Limited support,
minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1169c8681491034fa927ebe63756c89b5bec89f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1169c8681491034fa927ebe63756c89b5bec89f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
