[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 19 20:37:16 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
444126c3 by Salvatore Bonaccorso at 2023-01-19T21:36:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2023-23861
 CVE-2023-23550
 	RESERVED
 CVE-2023-0406 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
-	TODO: check
+	NOT-FOR-US: Modoboa
 CVE-2023-0405
 	RESERVED
 CVE-2023-0404 (The Events Made Easy plugin for WordPress is vulnerable to authorizati ...)
@@ -117,7 +117,7 @@ CVE-2023-0400
 CVE-2023-0399
 	RESERVED
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
-	TODO: check
+	NOT-FOR-US: Modoboa
 CVE-2023-23860
 	RESERVED
 CVE-2023-23859
@@ -201,7 +201,7 @@ CVE-2022-48270
 CVE-2022-48269
 	RESERVED
 CVE-2015-10071 (A vulnerability was found in gitter-badger ezpublish-modern-legacy. It ...)
-	TODO: check
+	NOT-FOR-US: gitter-badger ezpublish-modern-legacy
 CVE-2023-23835
 	RESERVED
 CVE-2023-23834
@@ -394,7 +394,7 @@ CVE-2023-0369
 CVE-2023-0368
 	RESERVED
 CVE-2022-4892 (A vulnerability was found in MyCMS. It has been classified as problema ...)
-	TODO: check
+	NOT-FOR-US: MyCMS
 CVE-2022-47909
 	RESERVED
 CVE-2022-46836
@@ -408,7 +408,7 @@ CVE-2022-43440
 CVE-2021-4314 (It is possible to manipulate the JWT token without the knowledge of th ...)
 	NOT-FOR-US: Zowe
 CVE-2017-20174 (A vulnerability was found in bastianallgeier Kirby Webmentions Plugin  ...)
-	TODO: check
+	NOT-FOR-US: bastianallgeier Kirby Webmentions Plugin
 CVE-2015-10070 (A vulnerability was found in copperwall Twiddit. It has been rated as  ...)
 	TODO: check
 CVE-2015-10069 (A vulnerability was found in viakondratiuk cash-machine. It has been d ...)
@@ -416,7 +416,7 @@ CVE-2015-10069 (A vulnerability was found in viakondratiuk cash-machine. It has
 CVE-2014-125083 (A vulnerability has been found in Anant Labs google-enterprise-connect ...)
 	TODO: check
 CVE-2013-10014 (A vulnerability classified as critical has been found in oktora24 2moo ...)
-	TODO: check
+	NOT-FOR-US: oktora24 2moons
 CVE-2023-23774
 	RESERVED
 CVE-2023-23773
@@ -6364,7 +6364,7 @@ CVE-2022-47768
 CVE-2022-47767
 	RESERVED
 CVE-2022-47766 (PopojiCMS v2.0.1 backend plugin function has a file upload vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: PopojiCMS
 CVE-2022-47765
 	RESERVED
 CVE-2022-47764
@@ -6406,7 +6406,7 @@ CVE-2022-47747
 CVE-2022-47746
 	RESERVED
 CVE-2022-47745 (ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After loggin ...)
-	TODO: check
+	NOT-FOR-US: ZenTao
 CVE-2022-47744
 	RESERVED
 CVE-2022-47743
@@ -6416,7 +6416,7 @@ CVE-2022-47742
 CVE-2022-47741
 	RESERVED
 CVE-2022-47740 (Seltmann GmbH Content Management System 6 is vulnerable to SQL Injecti ...)
-	TODO: check
+	NOT-FOR-US: Seltmann GmbH Content Management System
 CVE-2022-47739
 	RESERVED
 CVE-2022-47738
@@ -9242,13 +9242,13 @@ CVE-2022-47199
 CVE-2022-47198
 	RESERVED
 CVE-2022-47197 (An insecure default vulnerability exists in the Post Creation function ...)
-	TODO: check
+	NOT-FOR-US: Ghost CMS
 CVE-2022-47196 (An insecure default vulnerability exists in the Post Creation function ...)
-	TODO: check
+	NOT-FOR-US: Ghost CMS
 CVE-2022-47195 (An insecure default vulnerability exists in the Post Creation function ...)
-	TODO: check
+	NOT-FOR-US: Ghost CMS
 CVE-2022-47194 (An insecure default vulnerability exists in the Post Creation function ...)
-	TODO: check
+	NOT-FOR-US: Ghost CMS
 CVE-2022-46736
 	RESERVED
 CVE-2022-46729



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/444126c3ddd9513ae87f43152a726b3c23fb4ff4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/444126c3ddd9513ae87f43152a726b3c23fb4ff4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230119/7fc4d3d9/attachment.htm>


More information about the debian-security-tracker-commits mailing list