Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5a4df7f6 by Salvatore Bonaccorso at 2023-09-06T22:02:42+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -312,9 +312,9 @@ CVE-2023-41909 (An issue was discovered in FRRouting FRR
through 9.0. bgp_nlri_p
NOTE:
https://github.com/FRRouting/frr/commit/cc1a551cb007cc8ed8b1ea0605a7ab46c16de12b
(frr-8.5.1)
NOTE:
https://github.com/FRRouting/frr/commit/0a12b878082f77b67ad5d9b4782846ac738575a2
(frr-8.4.4)
CVE-2023-41908 (Cerebrate before 1.15 lacks the Secure attribute for the
session cooki ...)
- TODO: check
+ NOT-FOR-US: Cerebrate
CVE-2023-41058 (Parse Server is an open source backend server. In affected
versions th ...)
- TODO: check
+ NOT-FOR-US: Node parse-server
CVE-2023-41057 (hyper-bump-it is a command line tool for updating the version
in proje ...)
TODO: check
CVE-2023-41055 (LibreY is a fork of LibreX, a framework-less and
javascript-free priva ...)
@@ -328,45 +328,45 @@ CVE-2023-40937
CVE-2023-40936
REJECTED
CVE-2023-40705 (Stored cross-site scripting vulnerability in Map setting page
of VI We ...)
- TODO: check
+ NOT-FOR-US: VI Web Client
CVE-2023-40535 (Stored cross-site scripting vulnerability in View setting page
of VI W ...)
- TODO: check
+ NOT-FOR-US: VI Web Client
CVE-2023-40214 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Vathemes ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-40208 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Aleksand ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40206 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in hwk- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40205 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Pixelgra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40197 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40196 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
ImageRec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40015 (Vyper is a Pythonic Smart Contract Language. For the following
(probab ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2023-3814 (The Advanced File Manager WordPress plugin before 5.1.1 does
not adequ ...)
NOT-FOR-US: WordPress plugin
CVE-2023-3499 (The Photo Gallery, Images, Slider in Rbs Image Gallery
WordPress plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-3222 (Vulnerability in the password recovery mechanism of Password
Recovery ...)
- TODO: check
+ NOT-FOR-US: Roundcube plugin
CVE-2023-3221 (User enumeration vulnerability in Password Recovery plugin 1.2
version ...)
- TODO: check
+ NOT-FOR-US: Roundcube plugin
CVE-2023-39992 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
vCita.Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39991 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Blindsid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39988 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ajay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39938 (Reflected cross-site scripting vulnerability in VI Web Client
prior to ...)
- TODO: check
+ NOT-FOR-US: VI Web Client
CVE-2023-39919 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in maen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39918 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
SAASPROJ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39448 (Path traversal vulnerability in SHIRASAGI prior to v1.18.0
allows a r ...)
TODO: check
CVE-2023-39164 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Molongui ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a4df7f63d5daf6ce624988145e8d938de77ac9d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a4df7f63d5daf6ce624988145e8d938de77ac9d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
