[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 30 09:53:14 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
82ab383d by Salvatore Bonaccorso at 2022-11-30T10:52:48+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2293,25 +2293,25 @@ CVE-2022-45448
 CVE-2022-45447
 	RESERVED
 CVE-2022-4036 (The Appointment Hour Booking plugin for WordPress is vulnerable to CAP ...)
-	TODO: check
+	NOT-FOR-US: Appointment Hour Booking plugin for WordPress
 CVE-2022-4035 (The Appointment Hour Booking plugin for WordPress is vulnerable to iFr ...)
-	TODO: check
+	NOT-FOR-US: Appointment Hour Booking plugin for WordPress
 CVE-2022-4034 (The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV ...)
 	TODO: check
 CVE-2022-4033 (The Quiz and Survey Master plugin for WordPress is vulnerable to input ...)
-	TODO: check
+	NOT-FOR-US: Quiz and Survey Master plugin for WordPress
 CVE-2022-4032 (The Quiz and Survey Master plugin for WordPress is vulnerable to iFram ...)
-	TODO: check
+	NOT-FOR-US: Quiz and Survey Master plugin for WordPress
 CVE-2022-4031 (The Simple:Press plugin for WordPress is vulnerable to arbitrary file  ...)
-	TODO: check
+	NOT-FOR-US: Simple:Press plugin for WordPress
 CVE-2022-4030 (The Simple:Press plugin for WordPress is vulnerable to Path Traversal  ...)
-	TODO: check
+	NOT-FOR-US: Simple:Press plugin for WordPress
 CVE-2022-4029 (The Simple:Press plugin for WordPress is vulnerable to Reflected Cross ...)
-	TODO: check
+	NOT-FOR-US: Simple:Press plugin for WordPress
 CVE-2022-4028 (The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: Simple:Press plugin for WordPress
 CVE-2022-4027 (The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: Simple:Press plugin for WordPress
 CVE-2022-4026
 	RESERVED
 CVE-2022-4025
@@ -2434,7 +2434,7 @@ CVE-2022-45113
 CVE-2022-43660
 	RESERVED
 CVE-2022-3995 (The TeraWallet plugin for WordPress is vulnerable to Insecure Direct O ...)
-	TODO: check
+	NOT-FOR-US: TeraWallet plugin for WordPress
 CVE-2022-3994
 	RESERVED
 CVE-2023-21518
@@ -2906,7 +2906,7 @@ CVE-2022-45339
 CVE-2022-45338
 	RESERVED
 CVE-2022-45337 (Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2022-45336
 	RESERVED
 CVE-2022-45335
@@ -3186,7 +3186,7 @@ CVE-2022-3993 (Authentication Bypass by Primary Weakness in GitHub repository ka
 CVE-2022-3992 (A vulnerability classified as problematic was found in SourceCodester  ...)
 	NOT-FOR-US: SourceCodester Sanitization Management System
 CVE-2022-3991 (The Photospace Gallery plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: Photospace Gallery plugin for WordPress
 CVE-2022-3990
 	RESERVED
 CVE-2022-3989
@@ -3737,11 +3737,11 @@ CVE-2022-45046
 CVE-2022-3899
 	RESERVED
 CVE-2022-3898 (The WP Affiliate Platform plugin for WordPress is vulnerable to Cross- ...)
-	TODO: check
+	NOT-FOR-US: WP Affiliate Platform plugin for WordPress
 CVE-2022-3897 (The WP Affiliate Platform plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WP Affiliate Platform plugin for WordPress
 CVE-2022-3896 (The WP Affiliate Platform plugin for WordPress is vulnerable to Reflec ...)
-	TODO: check
+	NOT-FOR-US: WP Affiliate Platform plugin for WordPress
 CVE-2022-3895 (Some UI elements of the Common User Interface Component are not proper ...)
 	NOT-FOR-US: BlueSpice
 CVE-2022-3894
@@ -7401,7 +7401,7 @@ CVE-2022-3749
 CVE-2022-3748
 	RESERVED
 CVE-2022-3747 (The Becustom plugin for WordPress is vulnerable to Cross-Site Request  ...)
-	TODO: check
+	NOT-FOR-US: Becustom plugin for WordPress
 CVE-2022-3746
 	RESERVED
 CVE-2022-3745
@@ -14392,9 +14392,9 @@ CVE-2022-3386 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a
 CVE-2022-3385 (Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack ...)
 	NOT-FOR-US: Advantech R-SeeNet
 CVE-2022-3384 (The Ultimate Member plugin for WordPress is vulnerable to Remote Code  ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2022-3383 (The Ultimate Member plugin for WordPress is vulnerable to Remote Code  ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2022-3382 (HIWIN Robot System Software version 3.3.21.9869 does not properly addr ...)
 	NOT-FOR-US: HIWIN Robot System Software
 CVE-2022-41983 (On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1. ...)
@@ -14933,7 +14933,7 @@ CVE-2022-38355
 CVE-2022-38142 (Delta Electronics InfraSuite Device Master versions 00.00.01a and prio ...)
 	NOT-FOR-US: Delta Electronics
 CVE-2022-3361 (The Ultimate Member plugin for WordPress is vulnerable to directory tr ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2022-3360 (The LearnPress WordPress plugin before 4.1.7.2 unserialises user input ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3359



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82ab383d1f75d9ba27ec3d1cf89e7a70c6b2e9c4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82ab383d1f75d9ba27ec3d1cf89e7a70c6b2e9c4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221130/a485cb13/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list