[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 24 09:28:59 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d78417b3 by Salvatore Bonaccorso at 2023-06-24T10:28:30+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2023-3388 (The Beautiful Cookie Consent Banner for WordPress is vulnerable to Sto ...)
 	TODO: check
 CVE-2023-3387 (The Lana Text to Image plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: Lana Text to Image plugin for WordPress
 CVE-2023-3197 (The MStore API plugin for WordPress is vulnerable to Unauthenticated B ...)
-	TODO: check
+	NOT-FOR-US: MStore API plugin for WordPress
 CVE-2023-35932 (jcvi is a Python library to facilitate genome assembly, annotation, an ...)
 	TODO: check
 CVE-2023-35928 (Nextcloud Server is a space for data storage on Nextcloud, a self-host ...)
@@ -11,7 +11,7 @@ CVE-2023-35928 (Nextcloud Server is a space for data storage on Nextcloud, a sel
 CVE-2023-35927 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
 	TODO: check
 CVE-2023-35173 (Nextcloud End-to-end encryption app provides all the necessary APIs to ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud End-to-end encryption app
 CVE-2023-35172 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
 	TODO: check
 CVE-2023-35171 (NextCloud Server and NextCloud Enterprise Server provide file storage  ...)
@@ -55,13 +55,13 @@ CVE-2023-36346 (POS Codekop v2.0 was discovered to contain a reflected cross-sit
 CVE-2023-36345 (A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attacke ...)
 	NOT-FOR-US: POS Codekop
 CVE-2023-36289 (An unauthenticated Cross-Site Scripting (XSS) vulnerability found in W ...)
-	TODO: check
+	NOT-FOR-US: Webkul QloApps
 CVE-2023-36288 (An unauthenticated Cross-Site Scripting (XSS) vulnerability found in W ...)
-	TODO: check
+	NOT-FOR-US: Webkul QloApps
 CVE-2023-36287 (An unauthenticated Cross-Site Scripting (XSS) vulnerability found in W ...)
-	TODO: check
+	NOT-FOR-US: Webkul QloApps
 CVE-2023-36284 (An unauthenticated Time-Based SQL injection found in Webkul QloApps 1. ...)
-	TODO: check
+	NOT-FOR-US: Webkul QloApps
 CVE-2023-36274 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)
 	- libredwg <itp> (bug #595191)
 CVE-2023-36273 (LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78417b392b523c1a5be4193c0342e017b91904b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78417b392b523c1a5be4193c0342e017b91904b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230624/95cede3b/attachment.htm>

More information about the debian-security-tracker-commits mailing list