[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Fri, 10 Nov 2023 13:42:36 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5e8b895c by Salvatore Bonaccorso at 2023-11-10T22:42:04+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,17 +43,17 @@ CVE-2023-46733 (Symfony is a PHP framework for web and 
console applications and
 CVE-2023-46130 (Discourse is an open source platform for community discussion. 
Prior t ...)
        NOT-FOR-US: Discourse
 CVE-2023-45816 (Discourse is an open source platform for community discussion. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2023-45806 (Discourse is an open source platform for community discussion. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2023-41285 (A SQL injection vulnerability has been reported to affect 
QuMagie. If  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-41284 (A SQL injection vulnerability has been reported to affect 
QuMagie. If  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-39295 (An OS command injection vulnerability has been reported to 
affect QuMa ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-36027 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-5870
        - postgresql-16 16.1-1
        - postgresql-15 <unfixed>
@@ -333,7 +333,7 @@ CVE-2023-3959 (Zavio CF7500, CF7300, CF7201, CF7501, 
CB3211, CB3212, CB5220,  CB
 CVE-2023-39435 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,  
CB6231, ...)
        NOT-FOR-US: Zavio
 CVE-2023-37790 (Jaspersoft Clarity PPM version 14.3.0.298 was discovered to 
contain an ...)
-       TODO: check
+       NOT-FOR-US: Jaspersoft Clarity PPM
 CVE-2023-37533 (HCL Connections is vulnerable to reflected cross-site 
scripting (XSS)  ...)
        NOT-FOR-US: HCL
 CVE-2023-36667 (Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 
allows Dire ...)
@@ -26418,9 +26418,9 @@ CVE-2023-31080
 CVE-2023-31079 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31078 (Cross-Site Request Forgery (CSRF) vulnerability in Marco 
Steinbrecher  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31077 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp 
Export WP Pa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31076 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Really S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31075
@@ -28513,7 +28513,7 @@ CVE-2023-30480
 CVE-2023-30479
        RESERVED
 CVE-2023-30478 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant 
Newslette ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-30477 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Essi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-30476
@@ -31066,7 +31066,7 @@ CVE-2023-29442 (Zoho ManageEngine Applications Manager 
before 16400 allows proxy
 CVE-2023-29441 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Robert H ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-29440 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers 
Simple  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29439 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
FooPlugi ...)
        NOT-FOR-US: FooGallery
 CVE-2023-29438 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Eric ...)
@@ -31090,11 +31090,11 @@ CVE-2023-29430 (Unauth. Reflected Cross-Site 
Scripting (XSS) vulnerability in CT
 CVE-2023-29429
        RESERVED
 CVE-2023-29428 (Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins 
Superb So ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
TMS Book ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-29426 (Cross-Site Request Forgery (CSRF) vulnerability in Robert 
Schulz (sprd ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-29425
        RESERVED
 CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Plai ...)
@@ -50159,7 +50159,7 @@ CVE-2023-23369 (An OS command injection vulnerability 
has been reported to affec
 CVE-2023-23368 (An OS command injection vulnerability has been reported to 
affect seve ...)
        NOT-FOR-US: QNAP
 CVE-2023-23367 (An OS command injection vulnerability has been reported to 
affect seve ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-23366 (A path traversal vulnerability has been reported to affect 
Music Stati ...)
        NOT-FOR-US: QNAP
 CVE-2023-23365 (A path traversal vulnerability has been reported to affect 
Music Stati ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e8b895ccf40f72fae0f03a3628840576fd9c354

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e8b895ccf40f72fae0f03a3628840576fd9c354
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to