[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 29 21:27:08 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ffc3bc2 by Salvatore Bonaccorso at 2023-06-29T22:26:41+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,11 +67,11 @@ CVE-2023-XXXX [Heap overwrite in subtitle parsing]
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/518ecba8f960137715f776dac6c93e4c4e4179d1
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1d9b360708115d4acc3fd4bf13cde066391ed057
 CVE-2023-3447 (The Active Directory Integration / LDAP Integration plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: Active Directory Integration / LDAP Integration plugin for WordPress
 CVE-2023-3243 (** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authentica ...)
 	TODO: check
 CVE-2023-37237 (In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permission ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup Appliance
 CVE-2023-36476 (calamares-nixos-extensions provides Calamares branding and modules for ...)
 	TODO: check
 CVE-2023-36475 (Parse Server is an open source backend that can be deployed to any inf ...)
@@ -111,7 +111,7 @@ CVE-2023-32223 (D-Link DSL-224 firmware version 3.0.10 allows post authenticatio
 CVE-2023-32222 (D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows  ...)
 	TODO: check
 CVE-2023-2982 (The WordPress Social Login and Register (Discord, Google, Twitter, Lin ...)
-	TODO: check
+	NOT-FOR-US: WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress
 CVE-2023-3450 (A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as ...)
 	NOT-FOR-US: Ruijie RG-BCR860
 CVE-2023-3449 (A vulnerability has been found in IBOS OA 4.5.5 and classified as crit ...)
@@ -13214,7 +13214,7 @@ CVE-2023-1604
 CVE-2023-1603 (Permission bypass when importing or synchronizing entriesin User vault ...)
 	NOT-FOR-US: Devolutions
 CVE-2023-1602 (The Short URL plugin for WordPress is vulnerable to stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: Short URL plugin for WordPress
 CVE-2023-1601
 	REJECTED
 CVE-2023-1600



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ffc3bc267bb84ff18954312096b8b89bc1b0e32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ffc3bc267bb84ff18954312096b8b89bc1b0e32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230629/5e8fc795/attachment.htm>

More information about the debian-security-tracker-commits mailing list