[Git][security-tracker-team/security-tracker][master] Process NFUs

Tue, 11 Apr 2023 00:28:57 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
78fecab7 by Salvatore Bonaccorso at 2023-04-11T09:27:54+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5261,7 +5261,7 @@ CVE-2023-28490
 CVE-2023-28489
        RESERVED
 CVE-2023-1478 (The Hummingbird WordPress plugin before 3.4.2 does not validate 
the ge ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1477
        RESERVED
 CVE-2023-1476
@@ -5382,9 +5382,9 @@ CVE-2023-1428
 CVE-2023-1427
        RESERVED
 CVE-2023-1426 (The WP Tiles WordPress plugin through 1.1.2 does not ensure 
that posts ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1425 (The WordPress CRM, Email & Marketing Automation for 
WordPress | Aw ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-28488
        RESERVED
 CVE-2023-28487 (Sudo before 1.9.13 does not escape control characters in 
sudoreplay ou ...)
@@ -5802,7 +5802,7 @@ CVE-2023-1408
 CVE-2023-1407 (A vulnerability classified as critical was found in 
SourceCodester Stu ...)
        NOT-FOR-US: SourceCodester
 CVE-2023-1406 (The JetEngine WordPress plugin before 3.1.3.1 includes uploaded 
files  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-48420
        RESERVED
 CVE-2022-48419
@@ -6212,7 +6212,7 @@ CVE-2023-27389
 CVE-2023-23575
        RESERVED
 CVE-2023-1381 (The WP Meta SEO WordPress plugin before 4.5.5 does not validate 
image  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-48402
        RESERVED
 CVE-2022-48401
@@ -8847,11 +8847,11 @@ CVE-2023-1124 (The Shopping Cart & eCommerce Store 
WordPress plugin before 5
 CVE-2023-1123
        RESERVED
 CVE-2023-1122 (The Simple Giveaways WordPress plugin before 2.45.1 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1121 (The Simple Giveaways WordPress plugin before 2.45.1 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1120 (The Simple Giveaways WordPress plugin before 2.45.1 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-1119
        RESERVED
 CVE-2023-1118 (A flaw use after free in the Linux kernel integrated infrared 
receiver ...)
@@ -11175,7 +11175,7 @@ CVE-2023-0985
 CVE-2023-0984
        RESERVED
 CVE-2023-0983 (The stylish-cost-calculator-premium WordPress plugin before 
7.9.0 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0982 (A vulnerability was found in SourceCodester Yoga Class 
Registration Sy ...)
        NOT-FOR-US: SourceCodester Yoga Class Registration System
 CVE-2023-0981 (A vulnerability was found in SourceCodester Yoga Class 
Registration Sy ...)
@@ -12548,7 +12548,7 @@ CVE-2023-0895 (The WP Coder – add custom html, 
css and js code plugin for
 CVE-2023-0894
        RESERVED
 CVE-2023-0893 (The Time Sheets WordPress plugin before 1.29.3 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0892
        RESERVED
 CVE-2023-0891
@@ -12628,7 +12628,7 @@ CVE-2023-0876 (The WP Meta SEO WordPress plugin before 
4.5.3 does not authorize
 CVE-2023-0875 (The WP Meta SEO WordPress plugin before 4.5.3 does not properly 
saniti ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0874 (The Klaviyo WordPress plugin before 3.0.10 does not sanitize 
and escap ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0873
        RESERVED
 CVE-2023-25932
@@ -15810,7 +15810,7 @@ CVE-2023-0607 (Cross-site Scripting (XSS) - Stored in 
GitHub repository projects
 CVE-2023-0606 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
ampache/am ...)
        - ampache <removed>
 CVE-2023-0605 (The Auto Rename Media On Upload WordPress plugin before 1.1.0 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0604
        RESERVED
 CVE-2023-0603
@@ -16609,7 +16609,7 @@ CVE-2023-0548 (The Namaste! LMS WordPress plugin before 
2.5.9.4 does not sanitiz
 CVE-2023-0547
        RESERVED
 CVE-2023-0546 (The Contact Form Plugin WordPress plugin before 4.3.25 does not 
proper ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0545
        RESERVED
 CVE-2023-0544
@@ -18333,9 +18333,9 @@ CVE-2023-0425
 CVE-2023-0424
        RESERVED
 CVE-2023-0423 (The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does 
not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0422 (The Article Directory WordPress plugin through 1.3 does not 
properly s ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0421
        RESERVED
 CVE-2023-0420
@@ -18995,7 +18995,7 @@ CVE-2023-0365 (The React Webcam WordPress plugin 
through 1.2.0 does not validate
 CVE-2023-0364 (The real.Kit WordPress plugin before 5.1.1 does not validate 
and escap ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0363 (The Scheduled Announcements Widget WordPress plugin before 1.0 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0362 (Themify Portfolio Post WordPress plugin before 1.2.2 does not 
validate ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0361 (A timing side-channel in the handling of RSA ClientKeyExchange 
message ...)
@@ -21714,9 +21714,9 @@ CVE-2023-0159 (The Extensive VC Addons for WPBakery 
page builder WordPress plugi
 CVE-2023-0158 (NLnet Labs Krill supports direct access to the RRDP repository 
content ...)
        NOT-FOR-US: NLnet Labs Krill
 CVE-2023-0157 (The All-In-One Security (AIOS) WordPress plugin before 5.1.5 
does not  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0156 (The All-In-One Security (AIOS) WordPress plugin before 5.1.5 
does not  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-0155
        RESERVED
 CVE-2023-0154 (The GamiPress WordPress plugin before 1.0.9 does not validate 
and esca ...)
@@ -23609,7 +23609,7 @@ CVE-2022-4829 (The Show-Hide / Collapse-Expand 
WordPress plugin through 1.2.5 do
 CVE-2022-4828 (The Bold Timeline Lite WordPress plugin before 1.1.5 does not 
validate ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4827 (The WP Tiles WordPress plugin through 1.1.2 does not validate 
and esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-4826 (The Simple Tooltips WordPress plugin before 2.1.4 does not 
validate an ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4825 (The WP-ShowHide WordPress plugin before 1.05 does not validate 
and esc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78fecab7742878c29a525decf5073c4e1cfe4555

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78fecab7742878c29a525decf5073c4e1cfe4555
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to