[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 29 Dec 2023 12:29:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
aec4c65c by Salvatore Bonaccorso at 2023-12-29T21:29:06+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2023-7171 (A vulnerability was found in Novel-Plus up to 4.2.0. It has 
been decla ...)
-       TODO: check
+       NOT-FOR-US: Novel-Plus
 CVE-2023-7166 (A vulnerability classified as problematic has been found in 
Novel-Plus ...)
-       TODO: check
+       NOT-FOR-US: Novel-Plus
 CVE-2023-7114 (Mattermost version 2.10.0 and earlier fails to sanitize 
deeplink paths ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-7113 (Mattermost version 8.1.6 and earlier fails to sanitize channel 
mention ...)
@@ -13,105 +13,105 @@ CVE-2023-7079 (Sending specially crafted HTTP requests 
and inspector messages to
 CVE-2023-7078 (Sending specially crafted HTTP requests to Miniflare's server 
could re ...)
        TODO: check
 CVE-2023-52139 (Misskey is an open source, decentralized social media 
platform. Third- ...)
-       TODO: check
+       NOT-FOR-US: Misskey
 CVE-2023-52137 (The 
[`tj-actions/verify-changed-files`](https://github.com/tj-actions/ ...)
-       TODO: check
+       NOT-FOR-US: verify-changed-files tj-actions Github actions
 CVE-2023-52135 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51688 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51687 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51676 (Server-Side Request Forgery (SSRF) vulnerability in Leevio 
Happy Addon ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51675 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in A ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51663 (Hail is an open-source, general-purpose, Python-based data 
analysis to ...)
        TODO: check
 CVE-2023-51545 (Cross-Site Request Forgery (CSRF), Deserialization of 
Untrusted Data v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51541 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51527 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51517 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51505 (Deserialization of Untrusted Data vulnerability in realmag777 
Active P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51475 (Unrestricted Upload of File with Dangerous Type vulnerability 
in IOSS  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51473 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Pixel ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51470 (Deserialization of Untrusted Data vulnerability in Jacques 
Malgrange R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51468 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Jacqu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51422 (Deserialization of Untrusted Data vulnerability in Saleswonder 
Team We ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51421 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Soft8 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51420 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51419 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Berth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51417 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Joris ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51414 (Deserialization of Untrusted Data vulnerability in 
EnvialoSimple Env\x ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51412 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Piotn ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51411 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Shabt ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51410 (Unrestricted Upload of File with Dangerous Type vulnerability 
in WPVib ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51402 (Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm 
Force U ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51399 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51397 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51396 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51378 (Cross-Site Request Forgery (CSRF) vulnerability in Rise Themes 
Rise Bl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51374 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51373 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51372 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51371 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51361 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51358 (Cross-Site Request Forgery (CSRF) vulnerability in Bright 
Plugins Bloc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51354 (Cross-Site Request Forgery (CSRF) vulnerability in 
WebbaPlugins Appoin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50902 (Cross-Site Request Forgery (CSRF) vulnerability in WPExpertsio 
New Use ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50901 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50896 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50893 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50892 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50891 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50889 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50881 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50880 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50879 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50878 (Cross-Site Request Forgery (CSRF) vulnerability in InspireUI 
MStore AP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50837 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50572 (An issue in the component GroovyEngine.execute of jline-groovy 
v3.24.1 ...)
        TODO: check
 CVE-2023-50571 (easy-rules-mvel v4.1.0 was discovered to contain a remote code 
executi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec4c65c1a89b0e5228b46f6c379701eaae3434d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec4c65c1a89b0e5228b46f6c379701eaae3434d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to