[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Tue, 05 Mar 2024 13:06:11 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dd60b624 by Salvatore Bonaccorso at 2024-03-05T22:04:52+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2024-2188 (Cross-Site Scripting (XSS) vulnerability stored in TP-Link 
Archer AX50 ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2024-2056 (Services that are running and bound to the loopback interface 
on the A ...)
-       TODO: check
+       NOT-FOR-US: Artica Proxy
 CVE-2024-2055 (The "Rich Filemanager" feature of Artica Proxy provides a 
web-based in ...)
-       TODO: check
+       NOT-FOR-US: Artica Proxy
 CVE-2024-2054 (The Artica-Proxy administrative web application will 
deserialize arbit ...)
-       TODO: check
+       NOT-FOR-US: Artica Proxy
 CVE-2024-2053 (The Artica Proxy administrative web application will 
deserialize arbit ...)
-       TODO: check
+       NOT-FOR-US: Artica Proxy
 CVE-2024-2005 (Blue Planet\xae has released software updates that address this 
vulner ...)
-       TODO: check
+       NOT-FOR-US: Blue Planet
 CVE-2024-27931 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with 
secure  ...)
        NOT-FOR-US: Deno
 CVE-2024-27929 (ImageSharp is a managed, cross-platform, 2D graphics library. 
A heap-u ...)
@@ -51,7 +51,7 @@ CVE-2024-23243 (A privacy issue was addressed with improved 
private data redacti
 CVE-2024-23225 (A memory corruption issue was addressed with improved 
validation. This ...)
        TODO: check
 CVE-2024-22352 (IBM InfoSphere Information Server 11.7 stores potentially 
sensitive in ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-22255 (VMware ESXi, Workstation, and Fusion contain an information 
disclosure ...)
        NOT-FOR-US: VMware
 CVE-2024-22254 (VMware ESXi contains an out-of-bounds write vulnerability.A 
malicious  ...)
@@ -61,9 +61,9 @@ CVE-2024-22253 (VMware ESXi, Workstation, and Fusion contain 
a use-after-free vu
 CVE-2024-22252 (VMware ESXi, Workstation, and Fusion contain a use-after-free 
vulnerab ...)
        NOT-FOR-US: VMware
 CVE-2024-1202 (Authentication Bypass by Primary Weakness vulnerability in 
XPodas Octo ...)
-       TODO: check
+       NOT-FOR-US: XPodas Octopod
 CVE-2023-7103 (Authentication Bypass by Primary Weakness vulnerability in 
ZKSoftware  ...)
-       TODO: check
+       NOT-FOR-US: ZKSoftware Biometric Security Solutions UFace
 CVE-2023-5457 (A CWE-1269 \u201cProduct Released in Non-Release 
Configuration\u201d v ...)
        TODO: check
 CVE-2023-5456 (A CWE-798 \u201cUse of Hard-coded Credentials\u201d 
vulnerability in t ...)
@@ -89,7 +89,7 @@ CVE-2023-45592 (A CWE-250 \u201cExecution with Unnecessary 
Privileges\u201d vuln
 CVE-2023-45591 (A CWE-122 \u201cHeap-based Buffer Overflow\u201d vulnerability 
in the  ...)
        TODO: check
 CVE-2023-35899 (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 
19.0.2, 1 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-48630 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 5.17.11-1
        [bullseye] - linux 5.10.120-1
@@ -64698,7 +64698,7 @@ CVE-2023-26284 (IBM MQ Certified Container 9.3.0.1 
through 9.3.0.3 and 9.3.1.0 t
 CVE-2023-26283 (IBM WebSphere Application Server 9.0 is vulnerable to 
cross-site scrip ...)
        NOT-FOR-US: IBM
 CVE-2023-26282 (IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a 
user wit ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-26281 (IBM HTTP Server 8.5 used by IBM WebSphere Application Server 
could all ...)
        NOT-FOR-US: IBM
 CVE-2023-26280
@@ -66781,7 +66781,7 @@ CVE-2023-25683 (IBM PowerVM Hypervisor FW950.00 through 
FW950.71, FW1010.00 thro
 CVE-2023-25682 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 
6.0.3.8 a ...)
        NOT-FOR-US: IBM
 CVE-2023-25681 (LDAP users on IBM Spectrum Virtualize 8.5 which are configured 
to requ ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-25680 (IBM Robotic Process Automation 21.0.1 through 21.0.5 is 
vulnerable to  ...)
        NOT-FOR-US: IBM
 CVE-2023-25679
@@ -85575,7 +85575,7 @@ CVE-2022-46090
 CVE-2022-46089
        RESERVED
 CVE-2022-46088 (Online Flight Booking Management System v1.0 was discovered to 
contain ...)
-       TODO: check
+       NOT-FOR-US: Online Flight Booking Management System
 CVE-2022-46087 (CloudSchool v3.0.1 is vulnerable to Cross Site Scripting 
(XSS). A norm ...)
        NOT-FOR-US: CloudSchool
 CVE-2022-46086
@@ -157681,7 +157681,7 @@ CVE-2022-22401 (IBM Aspera Faspex 5.0.5 could allow a 
remote attacker to gather
 CVE-2022-22400
        RESERVED
 CVE-2022-22399 (IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header 
injecti ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22398
        RESERVED
 CVE-2022-22397



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd60b62496e6e8e62cc7744f18572e40adb02444

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd60b62496e6e8e62cc7744f18572e40adb02444
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to