[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
28b0c12d by Salvatore Bonaccorso at 2023-11-28T09:27:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,21 +3,21 @@ CVE-2024-0070
 CVE-2024-0069
        REJECTED
 CVE-2023-6226 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6225 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6219 (The BookingPress plugin for WordPress is vulnerable to 
arbitrary file  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-5960 (An improper privilege management vulnerability in the hotspot 
feature  ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2023-5885 (The discontinued FFS Colibri product allows a remote user to 
access fi ...)
        TODO: check
 CVE-2023-5797 (An improper privilege management vulnerability in the debug CLI 
comman ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2023-5773
        REJECTED
 CVE-2023-5650 (An improper privilege management vulnerability in the ZySH of 
the Zyxe ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2023-4667 (The web interface of the PAC Device allows the device 
administrator us ...)
        TODO: check
 CVE-2023-4398 (An integer overflow vulnerability in the source code of the 
QuickSec I ...)
@@ -39,17 +39,17 @@ CVE-2023-4221 (Command injection in 
`main/lp/openoffice_presentation.class.php`
 CVE-2023-4220 (Unrestricted file upload in big file upload functionality in 
`/main/in ...)
        TODO: check
 CVE-2023-49145 (Apache NiFi 0.7.0 through 1.23.2 include the JoltTransformJSON 
Process ...)
-       TODO: check
+       NOT-FOR-US: Apache NiFi
 CVE-2023-49075 (The Admin Classic Bundle provides a Backend UI for Pimcore. 
`AdminBund ...)
-       TODO: check
+       NOT-FOR-US: Admin Classic Bundle for Pimcore
 CVE-2023-49044 (Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows 
a remote ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2023-49030 (SQL Injection vulnerability in32ns KLive v.2019-1-19 and 
before allows ...)
-       TODO: check
+       NOT-FOR-US: in32ns KLive
 CVE-2023-48713 (Knative Serving builds on Kubernetes to support deploying and 
serving  ...)
        TODO: check
 CVE-2023-48188 (SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 
thru v.4 ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop opartdevis
 CVE-2023-48034 (An issue discovered in Acer Wireless Keyboard SK-9662 allows 
attacker  ...)
        TODO: check
 CVE-2023-48023 (Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the 
vendor' ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28b0c12dddb2c68309e86b108e3f69ad9994a252

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28b0c12dddb2c68309e86b108e3f69ad9994a252
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits