[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon Dec 11 20:21:35 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d47e262 by Salvatore Bonaccorso at 2023-12-11T21:21:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2023-6679 (A null pointer dereference vulnerability was found in dpll_pin_parent_ ...)
 	TODO: check
 CVE-2023-6671 (A vulnerability has been discovered on OJS, that consists in a CSRF (C ...)
-	TODO: check
+	NOT-FOR-US: OJS (OPEN JOURNAL SYSTEMS)
 CVE-2023-6538 (SMU versions prior to 14.8.7825.01 are susceptible to unintended infor ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2023-6194 (In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition X ...)
 	TODO: check
 CVE-2023-6035 (The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5955 (The Contact Form Email WordPress plugin before 1.3.44 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5940 (The WP Not Login Hide (WPNLH) WordPress plugin through 1.0 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5907 (The File Manager WordPress plugin before 6.3 does not restrict the fil ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5757 (The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5750 (The EmbedPress WordPress plugin before 3.9.2 does not sanitise and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5749 (The EmbedPress WordPress plugin before 3.9.2 does not sanitise and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49795 (MindsDB connects artificial intelligence models to real time data. Ver ...)
-	TODO: check
+	NOT-FOR-US: MindsDB
 CVE-2023-49418 (TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: TOTOLink
 CVE-2023-49417 (TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: TOTOLink
 CVE-2023-48715 (Tuleap is an open source suite to improve management of software devel ...)
-	TODO: check
+	NOT-FOR-US: Tuleap
 CVE-2023-6185 (Improper Input Validation vulnerability in GStreamer integration of Th ...)
 	{DSA-5574-1}
 	- libreoffice 4:7.6.3-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d47e262c6142a059c6c1df106d7ecfaf77d40bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d47e262c6142a059c6c1df106d7ecfaf77d40bb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231211/10cf8981/attachment-0001.htm>
