[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Fri Aug 18 22:02:02 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8dbc11b1 by Salvatore Bonaccorso at 2023-08-18T23:01:37+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12639,7 +12639,7 @@ CVE-2023-31234
 CVE-2023-31233 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoq ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31232 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31231
 	RESERVED
 CVE-2023-31230
@@ -12647,7 +12647,7 @@ CVE-2023-31230
 CVE-2023-31229
 	RESERVED
 CVE-2023-31228 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31227 (The hwPartsDFR module has a vulnerability in API calling verification. ...)
 	NOT-FOR-US: Huawei
 CVE-2023-31226 (The SDK for the MediaPlaybackController module has improper permission ...)
@@ -12763,7 +12763,7 @@ CVE-2023-31220
 CVE-2023-31219
 	RESERVED
 CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31217
 	RESERVED
 CVE-2023-31216 (Cross-Site Request Forgery (CSRF) vulnerability in Ultimate Member plu ...)
@@ -13121,7 +13121,7 @@ CVE-2023-31096
 CVE-2023-31095
 	RESERVED
 CVE-2023-31094 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Ka ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce plugin
 CVE-2023-31093
 	RESERVED
 CVE-2023-31092
@@ -15190,7 +15190,7 @@ CVE-2022-48437 (An issue was discovered in x509/x509_verify.c in LibreSSL before
 CVE-2023-30500 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30499 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVis ...)
-	TODO: check
+	NOT-FOR-US: WordPress Plugin
 CVE-2023-30498 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlav ...)
 	NOT-FOR-US: WordPress Plugin
 CVE-2023-30497
@@ -18038,7 +18038,7 @@ CVE-2023-29389 (Toyota RAV4 2021 vehicles automatically trust messages from othe
 CVE-2023-29388 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in impleCod ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29387 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29386
 	RESERVED
 CVE-2023-29385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Ad ...)
@@ -24642,7 +24642,7 @@ CVE-2023-27473
 CVE-2023-27472 (quickentity-editor-next is an open source, system local, video game as ...)
 	NOT-FOR-US: quickentity-editor-next
 CVE-2023-27471 (An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5. ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2023-27470
 	RESERVED
 CVE-2023-27469 (Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file de ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dbc11b1619c6589977f4ea467b4ddccc179d71f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dbc11b1619c6589977f4ea467b4ddccc179d71f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230818/7ac5042d/attachment-0001.htm>
