[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 6 20:15:32 GMT 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
66aa4601 by Salvatore Bonaccorso at 2023-03-06T21:14:42+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10997,7 +10997,7 @@ CVE-2023-0379 (The Spotlight Social Feeds WordPress plugin before 1.4.3 does not
 CVE-2023-0378 (The Greenshift WordPress plugin before 5.0 does not validate and escap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0377 (The Scriptless Social Sharing WordPress plugin before 3.2.2 does not v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0376
 	RESERVED
 CVE-2023-0375 (The Easy Affiliate Links WordPress plugin before 3.7.1 does not valida ...)
@@ -11594,7 +11594,7 @@ CVE-2023-23597
 	- firefox 109.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23597
 CVE-2023-0328 (The WPCode WordPress plugin before 2.0.7 does not have adequate privil ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0327 (A vulnerability was found in saemorris TheRadSystem. It has been class ...)
 	NOT-FOR-US: saemorris TheRadSystem
 CVE-2023-0326
@@ -13022,7 +13022,7 @@ CVE-2023-0214 (A cross-site scripting vulnerability in Skyhigh SWG in main relea
 CVE-2023-0213
 	RESERVED
 CVE-2023-0212 (The Advanced Recent Posts WordPress plugin through 0.6.14 does not val ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0211
 	RESERVED
 CVE-2022-4885 (A vulnerability has been found in sviehb jefferson up to 0.3 and class ...)
@@ -13529,7 +13529,7 @@ CVE-2023-0167
 CVE-2023-0166 (The Product Slider for WooCommerce by PickPlugins WordPress plugin bef ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0165 (The Cost Calculator WordPress plugin through 1.8 does not validate and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0164 (OrangeScrum version 2.0.11 allows an authenticated external attacker t ...)
 	NOT-FOR-US: OrangeScrum
 CVE-2022-48253 (nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that m ...)
@@ -14649,7 +14649,7 @@ CVE-2023-0080 (The Customer Reviews for WooCommerce WordPress plugin before 5.16
 CVE-2023-0079
 	RESERVED
 CVE-2023-0078 (The Resume Builder WordPress plugin through 3.1.1 does not sanitize an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0077 (Integer overflow or wraparound vulnerability in CGI component in Synol ...)
 	NOT-FOR-US: Synology
 CVE-2022-4877 (A vulnerability has been found in snoyberg keter up to 1.8.1 and class ...)
@@ -14729,7 +14729,7 @@ CVE-2023-22620
 CVE-2023-22619
 	RESERVED
 CVE-2023-0076 (The Download Attachments WordPress plugin through 1.2.24 does not vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0075 (The Amazon JS WordPress plugin through 0.10 does not validate and esca ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0074 (The WP Social Widget WordPress plugin before 2.2.4 does not validate a ...)
@@ -14743,19 +14743,19 @@ CVE-2023-0071 (The WP Tabs WordPress plugin before 2.1.17 does not validate and
 CVE-2023-0070 (The ResponsiveVoice Text To Speech WordPress plugin through 1.7.6 does ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0069 (The WPaudio MP3 Player WordPress plugin through 4.0.2 does not validat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0068 (The Product GTIN (EAN, UPC, ISBN) for WooCommerce WordPress plugin thr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0067 (The Timed Content WordPress plugin before 2.73 does not validate and e ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0066
 	RESERVED
 CVE-2023-0065 (The i2 Pros & Cons WordPress plugin through 1.3.1 does not validat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0064 (The eVision Responsive Column Layout Shortcodes WordPress plugin throu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0063 (The WordPress Shortcodes WordPress plugin through 1.6.36 does not vali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-0062 (The EAN for WooCommerce WordPress plugin before 4.4.3 does not validat ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0061 (The Judge.me Product Reviews for WooCommerce WordPress plugin before 1 ...)
@@ -21425,7 +21425,7 @@ CVE-2022-4330 (The WP Attachments WordPress plugin through 5.0.5 does not saniti
 CVE-2022-4329 (The Product list Widget for Woocommerce WordPress plugin through 1.0 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4328 (The WooCommerce Checkout Field Manager WordPress plugin before 18.0 do ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4327 (This issue does not bear any security risk as it's only exploitable by ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4326 (Improper preservation of permissions vulnerability in Trellix Endpoint ...)
@@ -22495,7 +22495,7 @@ CVE-2022-4267 (The Bulk Delete Users by Email WordPress plugin through 1.2 does
 CVE-2022-4266 (The Bulk Delete Users by Email WordPress plugin through 1.2 does not h ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4265 (The Replyable WordPress plugin before 2.2.10 does not validate the cla ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-4264 (Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files bef ...)
 	NOT-FOR-US: M-Files
 CVE-2022-4263



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66aa4601a1f6be36a6ad29b8b32df92e9e845d06
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230306/c10edcb9/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list