[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon Apr 3 21:24:01 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
780ed588 by Salvatore Bonaccorso at 2023-04-03T22:23:32+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3438,7 +3438,7 @@ CVE-2023-1379 (A vulnerability was found in SourceCodester Friendly Island Pizza
 CVE-2023-1378 (A vulnerability classified as critical was found in SourceCodester Fri ...)
 	NOT-FOR-US: SourceCodester Friendly Island Pizza Website and Ordering System
 CVE-2023-1377 (The Solidres WordPress plugin through 0.9.4 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-1376
 	RESERVED
 CVE-2023-1375
@@ -3899,7 +3899,7 @@ CVE-2023-1332
 CVE-2023-1331
 	RESERVED
 CVE-2023-1330 (The Redirection WordPress plugin before 1.1.4 does not add nonce verif ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-1329
 	RESERVED
 CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been classifie ...)
@@ -5842,7 +5842,7 @@ CVE-2023-1126
 CVE-2023-1125
 	RESERVED
 CVE-2023-1124 (The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-1123
 	RESERVED
 CVE-2023-1122
@@ -10099,7 +10099,7 @@ CVE-2023-0821 (HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.
 	[bullseye] - nomad <no-dsa> (Minor issue)
 	NOTE: https://discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292
 CVE-2023-0820 (The User Role by BestWebSoft WordPress plugin before 1.6.7 does not pr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0819 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2. ...)
 	- gpac <unfixed> (bug #1033116)
 	[bullseye] - gpac <no-dsa> (Minor issue)
@@ -15545,7 +15545,7 @@ CVE-2023-0401 (A NULL pointer can be dereferenced when signatures are being veri
 CVE-2023-0400 (The protection bypass vulnerability in DLP for Windows 11.9.x is addre ...)
 	NOT-FOR-US: DLP for Windows
 CVE-2023-0399 (The Image Over Image For WPBakery Page Builder WordPress plugin before ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
 	NOT-FOR-US: Modoboa
 CVE-2023-23860 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/780ed5887045036aa18dec28ba6ad09904a64087

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/780ed5887045036aa18dec28ba6ad09904a64087
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230403/695597af/attachment.htm>
