[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ed729cfb by Salvatore Bonaccorso at 2024-06-19T22:28:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2024-5676 (The Paradox IP150 Internet Module in version 1.40.00 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: Paradox IP150 Internet Module
 CVE-2024-4632 (The WooCommerce Checkout & Funnel Builder by CartFlows \u2013 
Create H ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-38358 (Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI 
and Ems ...)
-       TODO: check
+       NOT-FOR-US: Wasmer (WebAssembly runtime)
 CVE-2024-38357 (TinyMCE is an open source rich text editor. A cross-site 
scripting (XS ...)
        TODO: check
 CVE-2024-38356 (TinyMCE is an open source rich text editor. A cross-site 
scripting (XS ...)
@@ -21,97 +21,97 @@ CVE-2024-36116 (Reposilite is an open source, lightweight 
and easy-to-use reposi
 CVE-2024-36115 (Reposilite is an open source, lightweight and easy-to-use 
repository m ...)
        TODO: check
 CVE-2024-35780 (Deserialization of Untrusted Data vulnerability in Live 
Composer Team  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-35765 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-34993 (In the module "Bulk Export products to Google Merchant-Google 
Shopping ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2024-34444 (Missing Authorization vulnerability in ThemePunch OHG Slider 
Revolutio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-34443 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32030 (Kafka UI is an Open-Source Web UI for Apache Kafka Management. 
Kafka U ...)
        TODO: check
 CVE-2024-22263 (Spring Cloud Data Flow is a microservices-based Streaming and 
Batch da ...)
        TODO: check
 CVE-2024-0383 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6495 (The YARPP \u2013 Yet Another Related Posts Plugin plugin for 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50900 (Cross-Site Request Forgery (CSRF) vulnerability in Averta 
Master Slide ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-48761 (Missing Authorization vulnerability in Crocoblock JetElements 
For Elem ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-48760 (Missing Authorization vulnerability in Crocoblock JetElements 
For Elem ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-48759 (Missing Authorization vulnerability in Crocoblock JetElements 
For Elem ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47788 (Missing Authorization vulnerability in Automattic Jetpack.This 
issue a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47783 (Missing Authorization vulnerability in Thrive Themes Thrive 
Theme Buil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47771 (Missing Authorization vulnerability in ThemePunch OHG 
Essential Grid.T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47770 (Missing Authorization vulnerability in Muffin Group 
Betheme.This issue ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-47681 (Missing Authorization vulnerability in QuadLayers WooCommerce 
Checkout ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-46148 (Missing Authorization vulnerability in Themify Themify 
Ultra.This issu ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-46146 (Missing Authorization vulnerability in Themify Themify 
Ultra.This issu ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-45658 (Missing Authorization vulnerability in POSIMYTH Nexter.This 
issue affe ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-44151 (Missing Authorization vulnerability in Brainstorm Force 
Pre-Publish Ch ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-44148 (Missing Authorization vulnerability in Brainstorm Force Astra 
Bulk Edi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-41805 (Missing Authorization vulnerability in Brainstorm Force 
Premium Starte ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40608 (Missing Authorization vulnerability in Paid Memberships Pro 
Paid Membe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40004 (Missing Authorization vulnerability in ServMask All-in-One WP 
Migratio ...)
        TODO: check
 CVE-2023-39998 (Missing Authorization vulnerability in Muffingroup 
Betheme.This issue  ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-39993 (Missing Authorization vulnerability in Wpmet Elements kit 
Elementor ad ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39990 (Missing Authorization vulnerability in Paid Memberships 
Pro.This issue ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39922 (Missing Authorization vulnerability in ThemeFusion Avada.This 
issue af ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-39312 (Missing Authorization vulnerability in ThemeFusion Avada.This 
issue af ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2023-39310 (Missing Authorization vulnerability in ThemeFusion Fusion 
Builder.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38394 (Missing Authorization vulnerability in Artbees JupiterX 
Core.This issu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38393 (Missing Authorization vulnerability in Saturday Drive Ninja 
Forms.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38386 (Missing Authorization vulnerability in Saturday Drive Ninja 
Forms.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37872 (Missing Authorization vulnerability in Woo WooCommerce Ship to 
Multipl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37870 (Missing Authorization vulnerability in Woo WooCommerce 
Warranty Reques ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37869 (Missing Authorization vulnerability in Premium Addons Premium 
Addons P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36684 (Missing Authorization vulnerability in Brainstorm Force 
Convert Pro.Th ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36683 (Missing Authorization vulnerability in WP SCHEMA PRO Schema 
Pro.This i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36676 (Missing Authorization vulnerability in Brainstorm Force 
Spectra.This i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36516 (Missing Authorization vulnerability in ThimPress 
LearnPress.This issue ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36515 (Missing Authorization vulnerability in ThimPress 
LearnPress.This issue ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36512 (Missing Authorization vulnerability in Woo AutomateWoo.This 
issue affe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-35050 (Missing Authorization vulnerability in Elementor Elementor 
Pro.This is ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-35049 (Missing Authorization vulnerability in WooCommerce WooCommerce 
Stripe  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-47616 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -102246,7 +102246,7 @@ CVE-2023-25699 (Improper Neutralization of Special 
Elements used in an OS Comman
 CVE-2023-25698 (Cross-Site Request Forgery (CSRF) vulnerability in Studio 
Wombat Shopp ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25697 (Cross-Site Request Forgery (CSRF) vulnerability in 
GamiPress.This issu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25696 (Improper Input Validation vulnerability in the Apache Airflow 
Hive Pro ...)
        NOT-FOR-US: Apache Airflow Hive Provider
 CVE-2023-25695 (Generation of Error Message Containing Sensitive Information 
vulnerabi ...)
@@ -121922,7 +121922,7 @@ CVE-2022-45834
 CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 
1.5.1 on  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45832 (Missing Authorization vulnerability in Hennessey Digital 
Attorney.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-45831 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
biplob01 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45830



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed729cfb8dac7824d98780a5b2a9af27872e3a13

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed729cfb8dac7824d98780a5b2a9af27872e3a13
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits