[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 12 21:14:40 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e10da981 by Salvatore Bonaccorso at 2023-06-12T22:14:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -71,13 +71,13 @@ CVE-2023-32961 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ka
 CVE-2023-32118 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPoperat ...)
 	TODO: check
 CVE-2023-2718 (The Contact Form Email WordPress plugin before 1.3.38 does not escape  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2568 (The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2398 (The Icegram Engage WordPress plugin before 3.1.12 does not escape a pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-2362 (The Float menu WordPress plugin before 5.0.2, Bubble Menu WordPress pl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35036 (In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5 ...)
 	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2023-35035 (Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.0 and V10  ...)
@@ -13785,7 +13785,7 @@ CVE-2023-1325 (The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does n
 CVE-2023-1324 (The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-1323 (The Easy Forms for Mailchimp WordPress plugin through 6.8.8 does not s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-1322 (A vulnerability was found in lmxcms 1.41 and classified as critical. A ...)
 	NOT-FOR-US: lmxcms
 CVE-2023-1321 (A vulnerability has been found in lmxcms 1.41 and classified as critic ...)
@@ -25342,7 +25342,7 @@ CVE-2023-24022 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices
 CVE-2023-0432 (The web configuration service of the affected device contains an authe ...)
 	NOT-FOR-US: Delta Electronics
 CVE-2023-0431 (The File Away WordPress plugin through 3.9.9.0.1 does not validate and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2020-36655 (Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary ...)
 	- yii <itp> (bug #597899)
 CVE-2023-24021 (Incorrect handling of '\0' bytes in file uploads in ModSecurity before ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e10da9816b88d7fca7192f2bf96fd13636a328f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e10da9816b88d7fca7192f2bf96fd13636a328f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230612/ad45981b/attachment.htm>

More information about the debian-security-tracker-commits mailing list