[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 13 Oct 2023 00:32:02 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d2f0b7b7 by Moritz Muehlenhoff at 2023-10-13T09:30:11+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,23 @@
+CVE-2023-45365
+       NOT-FOR-US: MediaWiki extension Citoid
+CVE-2023-45366
+       NOT-FOR-US: MediaWiki extension Wikibase
+CVE-2023-45368
+       NOT-FOR-US: MediaWiki extension EntitySchema
 CVE-2023-5562 (An unsafe default configuration in KNIME Analytics Platform 
before 5.2 ...)
-       TODO: check
+       NOT-FOR-US: KNIME
 CVE-2023-5556 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
structuriz ...)
-       TODO: check
+       NOT-FOR-US: structurizr/onpremises
 CVE-2023-5555 (Cross-site Scripting (XSS) - Generic in GitHub repository 
frappe/lms p ...)
-       TODO: check
+       NOT-FOR-US: frappe/lms
 CVE-2023-5554 (Lack of TLS certificate verification in log transmission of a 
financia ...)
-       TODO: check
+       NOT-FOR-US: LINE
 CVE-2023-5072 (Denial of Service  in JSON-Java versions up to and including 
20230618. ...)
        TODO: check
 CVE-2023-5046 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Procost
 CVE-2023-5045 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Kayisi
 CVE-2023-45143 (Undici is an HTTP/1.1 client written from scratch for Node.js. 
Prior t ...)
        TODO: check
 CVE-2023-45142 (OpenTelemetry-Go Contrib is a collection of third-party 
packages for O ...)
@@ -21,49 +27,49 @@ CVE-2023-45138 (Change Request is an pplication allowing 
users to request change
 CVE-2023-45133 (Babel is a compiler for writingJavaScript. In 
`@babel/traverse` prior  ...)
        TODO: check
 CVE-2023-45106 (Cross-Site Request Forgery (CSRF) vulnerability in Fedor 
Urvanov, Aram ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45103 (Cross-Site Request Forgery (CSRF) vulnerability in YAS Global 
Team Per ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45102 (Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes 
Blog Mana ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45068 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic 
Contact F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45063 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI 
Content W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45060 (Cross-Site Request Forgery (CSRF) vulnerability in 
Fla-shop.Com Intera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45058 (Cross-Site Request Forgery (CSRF) vulnerability in 
KaizenCoders Short  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45052 (Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP 
Bing Map  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45048 (Cross-Site Request Forgery (CSRF) vulnerability in Repuso 
Social proof ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45047 (Cross-Site Request Forgery (CSRF) vulnerability in 
LeadSquared, Inc Le ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-45011 (Cross-Site Request Forgery (CSRF) vulnerability in Igor 
Buyanov WP Pow ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-44998 (Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, 
Randy H ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-43149 (SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery 
(CSRF) th ...)
-       TODO: check
+       NOT-FOR-US: SPA-Cart
 CVE-2023-43148 (SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: SPA-Cart
 CVE-2023-43147 (PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross 
Site Reque ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Limo Booking Software
 CVE-2023-41131 (Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ 
Follow me Da ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37637
        REJECTED
 CVE-2023-32634 (An authentication bypass vulnerability exists in the 
CiRpcServerThread ...)
-       TODO: check
+       NOT-FOR-US: SoftEther VPN
 CVE-2023-32275 (An information disclosure vulnerability exists in the 
CtEnumCa() funct ...)
-       TODO: check
+       NOT-FOR-US: SoftEther VPN
 CVE-2023-32124 (Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad 
J Publi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31192 (An information disclosure vulnerability exists in the 
ClientConnect()  ...)
-       TODO: check
+       NOT-FOR-US: SoftEther VPN
 CVE-2023-27516 (An authentication bypass vulnerability exists in the 
CiRpcAccepted() f ...)
-       TODO: check
+       NOT-FOR-US: SoftEther VPN
 CVE-2023-36839
        NOT-FOR-US: Juniper
 CVE-2023-44204



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0b7b7fa4e5d734006135c560cc6be8d459c45

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0b7b7fa4e5d734006135c560cc6be8d459c45
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to