[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 20 Dec 2023 02:25:42 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8e72f9c5 by Moritz Muehlenhoff at 2023-12-20T11:18:30+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-37544
+       NOT-FOR-US: Apache Pulsar
 CVE-2023-6977 (This vulnerability enables malicious users to read sensitive 
files on  ...)
        NOT-FOR-US: mlflow
 CVE-2023-6976 (This vulnerability is capable of writing arbitrary files into 
arbitrar ...)
@@ -73,13 +75,13 @@ CVE-2023-45887 (DS Wireless Communication (DWC) with 
DWC_VERSION_3 and DWC_VERSI
 CVE-2023-45172 (IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged 
local user ...)
        NOT-FOR-US: IBM
 CVE-2023-42940 (A session rendering issue was addressed with improved session 
tracking ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2023-42013 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 
7.2.3.7,  ...)
        NOT-FOR-US: IBM
 CVE-2023-42012 (An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 
through 7.3 ...)
        NOT-FOR-US: IBM
 CVE-2023-38126 (Softing edgeAggregator Restore Configuration Directory 
Traversal Remot ...)
-       TODO: check
+       NOT-FOR-US: Softing edgeAggregator
 CVE-2023-37982 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-35883 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in M ...)
@@ -183,7 +185,7 @@ CVE-2023-34382 (Deserialization of Untrusted Data 
vulnerability in weDevs Dokan
 CVE-2023-34027 (Deserialization of Untrusted Data vulnerability in Rajnish 
Arora Recen ...)
        NOT-FOR-US: WordPress plugin
 CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 
and cla ...)
-       TODO: check
+       NOT-FOR-US: pedroetb tts-api
 CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally 
signed text ...)
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-50762
@@ -46217,7 +46219,7 @@ CVE-2023-27174
 CVE-2023-27173
        RESERVED
 CVE-2023-27172 (Xpand IT Write-back Manager v2.3.1 uses weak secret keys to 
sign JWT t ...)
-       TODO: check
+       NOT-FOR-US: Xpand IT Write-back manager
 CVE-2023-27171
        REJECTED
 CVE-2023-27170 (Xpand IT Write-back manager v2.3.1 allows attackers to perform 
a direc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e72f9c54c6db8e710a8e924d54c96688eb31ee0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e72f9c54c6db8e710a8e924d54c96688eb31ee0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to