[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Jun 13 09:29:05 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
379ad9d2 by Salvatore Bonaccorso at 2023-06-13T10:28:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2023-33991 (SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 7 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-33986 (SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 712, 713,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-33985 (SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-33984 (SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfa ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-32674 (Certain versions of HP PC Hardware Diagnostics Windows are potentially ...)
 	TODO: check
 CVE-2023-32673 (Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assis ...)
@@ -19,19 +19,19 @@ CVE-2023-32219 (A Mazda model (2015-2016) can be unlocked via an unspecified met
 CVE-2023-32115 (An attacker can exploit MDS COMPARE TOOL and use specially crafted inp ...)
 	TODO: check
 CVE-2023-32114 (SAP NetWeaver (Change and Transport System) - versions 702, 731, 740,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-2876 (Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 P ...)
 	TODO: check
 CVE-2023-2827 (SAP Plant Connectivity - version 15.5 (PCo) or the Production Connecto ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-2729 (Use of insufficiently random values vulnerability in User Management F ...)
 	TODO: check
 CVE-2023-2673 (Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUAR ...)
 	TODO: check
 CVE-2023-2563 (The WordPress Contact Forms by Cimatti plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress Contact Forms by Cimatti plugin for WordPress
 CVE-2023-2351 (The WP Directory Kit plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WP Directory Kit plugin for WordPress
 CVE-2023-3212 [gfs2: Don't deref jdesc in evict]
 	- linux 6.3.7-1
 	NOTE: https://git.kernel.org/linus/504a10d9e46bc37b23d0a1ae2f28973c8516e636 (6.4-rc2)
@@ -3981,9 +3981,9 @@ CVE-2023-2280 (The WP Directory Kit plugin for WordPress is vulnerable to unauth
 CVE-2023-2279
 	RESERVED
 CVE-2023-2278 (The WP Directory Kit plugin for WordPress is vulnerable to Local File  ...)
-	TODO: check
+	NOT-FOR-US: WP Directory Kit plugin for WordPress
 CVE-2023-2277 (The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WP Directory Kit plugin for WordPress
 CVE-2023-2276 (The WCFM Membership \u2013 WooCommerce Memberships for Multivendor Mar ...)
 	NOT-FOR-US: WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress
 CVE-2023-2275 (The WooCommerce Multivendor Marketplace \u2013 REST API plugin for Wor ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/379ad9d289a7ad0239e2157600ff98b6005f1275

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/379ad9d289a7ad0239e2157600ff98b6005f1275
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230613/3e02501e/attachment.htm>
