[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 25 20:23:28 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8453b14f by Salvatore Bonaccorso at 2023-03-25T21:22:58+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8254,7 +8254,7 @@ CVE-2023-25994
CVE-2023-25993
RESERVED
CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Crea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25991 (Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic p ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25990
@@ -9447,9 +9447,9 @@ CVE-2023-25657 (Nautobot is a Network Source of Truth and Network Automation Pla
CVE-2023-25656 (notation-go is a collection of libraries for supporting Notation sign, ...)
NOT-FOR-US: notation-go
CVE-2023-25655 (baserCMS is a Content Management system. Prior to version 4.7.5, any f ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2023-25654 (baserCMS is a Content Management system. Prior to version 4.7.5, there ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2023-25653 (node-jose is a JavaScript implementation of the JSON Object Signing an ...)
NOT-FOR-US: Cisco node-jose (different from src:node-jose)
NOTE: https://github.com/cisco/node-jose/security/advisories/GHSA-5h4j-qrvg-9xhw
@@ -10104,7 +10104,7 @@ CVE-2023-25458
CVE-2023-25457
RESERVED
CVE-2023-25456 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Klav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25455
RESERVED
CVE-2023-25454
@@ -10331,7 +10331,7 @@ CVE-2023-25352
CVE-2023-25351
RESERVED
CVE-2023-25350 (Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the use ...)
- TODO: check
+ NOT-FOR-US: Faveo Helpdesk
CVE-2023-25349
RESERVED
CVE-2023-25348
@@ -13268,7 +13268,7 @@ CVE-2023-24297
CVE-2023-24296
RESERVED
CVE-2023-24295 (A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows at ...)
- TODO: check
+ NOT-FOR-US: SoftMaker Software GmbH FlexiPDF
CVE-2023-24294
RESERVED
CVE-2023-24293
@@ -14788,7 +14788,7 @@ CVE-2023-23730
CVE-2023-23729
RESERVED
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23727
RESERVED
CVE-2023-23726
@@ -14800,7 +14800,7 @@ CVE-2023-23724
CVE-2023-23723
RESERVED
CVE-2023-23722 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23721 (Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin L ...)
NOT-FOR-US: David Gwyer Admin Log
CVE-2023-23720
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8453b14f75f745c9602327acfd4a4e8a6bec3d61
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8453b14f75f745c9602327acfd4a4e8a6bec3d61
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230325/587ef659/attachment.htm>
More information about the debian-security-tracker-commits
mailing list