[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Dec 15 10:40:52 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1fb24f7a by Salvatore Bonaccorso at 2022-12-15T11:40:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2022-4503 (Cross-site Scripting (XSS) - Generic in GitHub repository openemr
 CVE-2022-4502 (Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/op ...)
 	TODO: check
 CVE-2022-4501 (The Mega Addons plugin for WordPress is vulnerable to authorization by ...)
-	TODO: check
+	NOT-FOR-US: Mega Addons plugin for WordPress
 CVE-2022-47405
 	RESERVED
 CVE-2022-47404
@@ -1507,7 +1507,7 @@ CVE-2022-4412
 CVE-2022-4411
 	RESERVED
 CVE-2022-4410 (The Permalink Manager Lite plugin for WordPress is vulnerable to Store ...)
-	TODO: check
+	NOT-FOR-US: Permalink Manager Lite plugin for WordPress
 CVE-2022-4409 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub ...)
 	NOT-FOR-US: phpMyFAQ
 CVE-2022-4408 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
@@ -16823,7 +16823,7 @@ CVE-2022-3429
 CVE-2022-3428
 	RESERVED
 CVE-2022-3427 (The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request ...)
-	TODO: check
+	NOT-FOR-US: Corner Ad plugin for WordPress
 CVE-2022-3426 (The Advanced WP Columns WordPress plugin through 2.0.6 does not saniti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3425
@@ -32585,7 +32585,7 @@ CVE-2022-36440
 CVE-2022-2537 (The WooCommerce PDF Invoices & Packing Slips WordPress plugin befo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2536 (The Transposh WordPress Translation plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: Transposh WordPress Translation plugin for WordPress
 CVE-2022-2535 (The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not e ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2534 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
@@ -218016,7 +218016,7 @@ CVE-2020-4499 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access
 CVE-2020-4498 (IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged use ...)
 	NOT-FOR-US: IBM
 CVE-2020-4497 (IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive i ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4496 (The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connect ...)
 	NOT-FOR-US: IBM
 CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a remote  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fb24f7a6d5af8e0b5a5e53b77ecf4ee8c32bce1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1fb24f7a6d5af8e0b5a5e53b77ecf4ee8c32bce1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221215/88c0d65d/attachment-0001.htm>
