[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 7 21:19:40 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b79bf6e5 by Salvatore Bonaccorso at 2023-06-07T22:19:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,43 +1,43 @@
 CVE-2023-3152 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3151 (A vulnerability was found in SourceCodester Online Discussion Forum Si ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3150 (A vulnerability was found in SourceCodester Online Discussion Forum Si ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3149 (A vulnerability was found in SourceCodester Online Discussion Forum Si ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3148 (A vulnerability was found in SourceCodester Online Discussion Forum Si ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3147 (A vulnerability has been found in SourceCodester Online Discussion For ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3146 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3145 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3144 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3143 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Discussion Forum Site
 CVE-2023-3142 (Cross-site Scripting (XSS) - Stored in GitHub repository microweber/mi ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2023-3140 (Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNI ...)
-	TODO: check
+	NOT-FOR-US: KNIME Business Hub
 CVE-2023-34237 (SABnzbd is an open source automated Usenet download tool. A design fla ...)
 	TODO: check
 CVE-2023-34234 (OpenZeppelin Contracts is a library for smart contract development. By ...)
-	TODO: check
+	NOT-FOR-US: OpenZeppelin Contracts
 CVE-2023-34109 (zxcvbn-ts is an open source password strength estimator written in typ ...)
 	TODO: check
 CVE-2023-34108 (mailcow is a mail server suite based on Dovecot, Postfix and other ope ...)
-	TODO: check
+	NOT-FOR-US: mailcow
 CVE-2023-33595 (CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-fre ...)
 	TODO: check
 CVE-2023-33556 (TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a com ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-33553 (An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attacker ...)
-	TODO: check
+	NOT-FOR-US: Planet Technologies WDRT-1800AX
 CVE-2023-33510 (Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary file ...)
-	TODO: check
+	NOT-FOR-US: Jeecg P3 Biz Chat
 CVE-2023-33498 (alist <=3.16.3 is vulnerable to Incorrect Access Control. Low privileg ...)
 	TODO: check
 CVE-2023-33284 (Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution  ...)
@@ -51,17 +51,17 @@ CVE-2023-2530 (A privilege escalation allowing remote code execution was discove
 CVE-2023-2442 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	TODO: check
 CVE-2021-4380 (The Pinterest Automatic plugin for WordPress is vulnerable to authoriz ...)
-	TODO: check
+	NOT-FOR-US: Pinterest Automatic plugin for WordPress
 CVE-2021-4379 (The WooCommerce Multi Currency plugin for WordPress is vulnerable to a ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce Multi Currency plugin for WordPress
 CVE-2021-4337 (Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-46889 (The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS ...)
-	TODO: check
+	NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
 CVE-2020-36728 (The Adning Advertising plugin for WordPress is vulnerable to file dele ...)
-	TODO: check
+	NOT-FOR-US: Adning Advertising plugin for WordPress
 CVE-2020-36705 (The Adning Advertising plugin for WordPress is vulnerable to arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Adning Advertising plugin for WordPress
 CVE-2023-33865 (RenderDoc through 1.26 allows local privilege escalation via a symlink ...)
 	- renderdoc <unfixed> (bug #1037208)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b79bf6e56d8b96dcb280aa5d83dd2eb882457e42

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b79bf6e56d8b96dcb280aa5d83dd2eb882457e42
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230607/193ec623/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list