[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 29 05:14:13 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8abc8feb by Salvatore Bonaccorso at 2019-08-29T04:13:43Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,9 +75,9 @@ CVE-2019-15715
 CVE-2019-15714 (cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \  ...)
 	TODO: check
 CVE-2019-15713 (The my-calendar plugin before 3.1.10 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: my-calendar plugin for WordPress
 CVE-2017-18593 (The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cas ...)
-	TODO: check
+	NOT-FOR-US: updraftplus plugin for WordPress
 CVE-2015-9379 (iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via a ...)
 	TODO: check
 CVE-2015-9378 (iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via a ...)
@@ -113,33 +113,33 @@ CVE-2015-9364 (2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress
 CVE-2015-9363 (iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg ...)
 	TODO: check
 CVE-2015-9362 (The Post Connector plugin before 1.0.4 for WordPress has XSS via add_q ...)
-	TODO: check
+	NOT-FOR-US: Post Connector plugin for WordPress
 CVE-2015-9361 (The Related Posts plugin before 1.8.2 for WordPress has XSS via add_qu ...)
-	TODO: check
+	NOT-FOR-US: Related Posts plugin for WordPress
 CVE-2015-9360 (The updraftplus plugin before 1.9.64 for WordPress has XSS via add_que ...)
-	TODO: check
+	NOT-FOR-US: updraftplus plugin for WordPress
 CVE-2015-9359 (The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_ar ...)
-	TODO: check
+	NOT-FOR-US: Jetpack plugin for WordPress
 CVE-2015-9358 (The feedwordpress plugin before 2015.0514 for WordPress has XSS via ad ...)
-	TODO: check
+	NOT-FOR-US: feedwordpress plugin for WordPress
 CVE-2015-9357 (The akismet plugin before 3.1.5 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: akismet plugin for WordPress
 CVE-2015-9356 (The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_quer ...)
-	TODO: check
+	NOT-FOR-US: wp-vipergb plugin for WordPress
 CVE-2015-9355 (The two-factor-authentication plugin before 1.1.10 for WordPress has X ...)
-	TODO: check
+	NOT-FOR-US: two-factor-authentication plugin for WordPress
 CVE-2015-9354 (The gigpress plugin before 2.3.11 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: gigpress plugin for WordPress
 CVE-2015-9353 (The gigpress plugin before 2.3.11 for WordPress has SQL injection in t ...)
-	TODO: check
+	NOT-FOR-US: gigpress plugin for WordPress
 CVE-2012-6719 (The sharebar plugin before 1.2.2 for WordPress has SQL injection. ...)
-	TODO: check
+	NOT-FOR-US: sharebar plugin for WordPress
 CVE-2012-6718 (The sharebar plugin before 1.2.2 for WordPress has XSS, a different is ...)
-	TODO: check
+	NOT-FOR-US: sharebar plugin for WordPress
 CVE-2012-6717 (The redirection plugin before 2.2.12 for WordPress has XSS, a differen ...)
-	TODO: check
+	NOT-FOR-US: redirection plugin for WordPress
 CVE-2011-5329 (The redirection plugin before 2.2.9 for WordPress has XSS in the admin ...)
-	TODO: check
+	NOT-FOR-US: redirection plugin for WordPress
 CVE-2019-15712
 	RESERVED
 CVE-2019-15711
@@ -15682,7 +15682,7 @@ CVE-2019-10393
 CVE-2019-10392
 	RESERVED
 CVE-2019-10391 (Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier tra ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-10390 (A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earl ...)
 	TODO: check
 CVE-2019-10389 (A missing permission check in Jenkins Relution Enterprise Appstore Pub ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8abc8feb70afa53153004d427a62b10c55e10b7c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8abc8feb70afa53153004d427a62b10c55e10b7c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190829/fe0d560d/attachment.html>

More information about the debian-security-tracker-commits mailing list