[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cc526000 by Salvatore Bonaccorso at 2023-05-31T10:49:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,31 +15,31 @@ CVE-2023-33180 (Xibo is a content management system (CMS). An SQL injection vuln
 CVE-2023-33179 (Xibo is a content management system (CMS). An SQL injection vulnerabil ...)
 	TODO: check
 CVE-2023-32342 (IBM GSKit could allow a remote attacker to obtain sensitive informatio ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-2999 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
 	TODO: check
 CVE-2023-2998 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
 	TODO: check
 CVE-2023-2987 (The Wordapp plugin for WordPress is vulnerable to authorization bypass ...)
-	TODO: check
+	NOT-FOR-US: Wordapp plugin for WordPress
 CVE-2023-2952 (XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3 ...)
 	TODO: check
 CVE-2023-2836 (The CRM Perks Forms plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: CRM Perks Forms plugin for WordPress
 CVE-2023-2612 (Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ...)
 	TODO: check
 CVE-2023-2549 (The Feather Login Page plugin for WordPress is vulnerable to Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: Feather Login Page plugin for WordPress
 CVE-2023-2547 (The Feather Login Page plugin for WordPress is vulnerable to unauthori ...)
-	TODO: check
+	NOT-FOR-US: Feather Login Page plugin for WordPress
 CVE-2023-2545 (The Feather Login Page plugin for WordPress is vulnerable to unauthori ...)
-	TODO: check
+	NOT-FOR-US: Feather Login Page plugin for WordPress
 CVE-2023-2436 (The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: Blog-in-Blog plugin for WordPress
 CVE-2023-2435 (The Blog-in-Blog plugin for WordPress is vulnerable to Local File Incl ...)
-	TODO: check
+	NOT-FOR-US: Blog-in-Blog plugin for WordPress
 CVE-2023-2434 (The Nested Pages plugin for WordPress is vulnerable to unauthorized lo ...)
-	TODO: check
+	NOT-FOR-US: Nested Pages plugin for WordPress
 CVE-2015-10107 (A vulnerability was found in Simplr Registration Form Plus+ Plugin up  ...)
 	TODO: check
 CVE-2014-125103 (A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on ...)
@@ -2483,7 +2483,7 @@ CVE-2023-2306
 CVE-2023-2305
 	RESERVED
 CVE-2023-2304 (The Favorites plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: Favorites plugin for WordPress
 CVE-2023-2303
 	RESERVED
 CVE-2023-2302
@@ -9272,7 +9272,7 @@ CVE-2023-1663 (Coverity versions prior to 2023.3.2 are vulnerable to forced brow
 CVE-2023-1662
 	RESERVED
 CVE-2023-1661 (The Display post meta, term meta, comment meta, and user meta plugin f ...)
-	TODO: check
+	NOT-FOR-US: Display post meta, term meta, comment meta, and user meta plugin for WordPress
 CVE-2023-1660 (The AI ChatBot WordPress plugin before 4.4.9 does not have authorisati ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-1659



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc5260000d21a0e6d9002c689885f3f001ddcc27

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc5260000d21a0e6d9002c689885f3f001ddcc27
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230531/e43ccee0/attachment.htm>