[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 4 08:39:10 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d64c58a by Salvatore Bonaccorso at 2023-11-04T09:38:12+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8,17 +8,17 @@ CVE-2023-47233 (The brcm80211 component in the Linux kernel through 6.5.10 has a
 	- linux <unfixed>
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1216702
 CVE-2023-45189 (A vulnerability in IBM Robotic Process Automation and IBM Robotic Proc ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-40215 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38391 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-36677 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-35910 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32741 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5946 (The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Sit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-5945 (The video carousel slider with lightbox plugin for WordPress is vulner ...)
@@ -67,9 +67,9 @@ CVE-2023-34383 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2023-34179 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: Groundhogg
 CVE-2023-32508 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32121 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5948 (Improper Authorization in GitHub repository teamamaze/amazefileutiliti ...)
 	NOT-FOR-US: amazefileutilities
 CVE-2023-5763 (In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower t ...)
@@ -40809,7 +40809,7 @@ CVE-2023-26017 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-26016 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tauh ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26015 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-26014 (Cross-Site Request Forgery (CSRF) vulnerability in Tim Eckel Minify HT ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-26013 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -40859,7 +40859,7 @@ CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-25991 (Cross-Site Request Forgery (CSRF) vulnerability in RegistrationMagic p ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25990 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25989 (Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25988
@@ -40919,7 +40919,7 @@ CVE-2023-25962 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-25961 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Catch Th ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25960 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25959
 	RESERVED
 CVE-2023-25958 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Just ...)
@@ -41372,7 +41372,7 @@ CVE-2023-25802 (Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache,
 CVE-2023-25801 (TensorFlow is an open source machine learning platform. Prior to versi ...)
 	- tensorflow <itp> (bug #804612)
 CVE-2023-25800 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25799
 	RESERVED
 CVE-2023-25798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -41791,7 +41791,7 @@ CVE-2023-25702 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability i
 CVE-2023-25701
 	RESERVED
 CVE-2023-25700 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25699
 	RESERVED
 CVE-2023-25698 (Cross-Site Request Forgery (CSRF) vulnerability in Studio Wombat Shopp ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d64c58a3970d4384b2e714019b9ee809b918f00

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d64c58a3970d4384b2e714019b9ee809b918f00
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231104/5b9027f2/attachment.htm>

More information about the debian-security-tracker-commits mailing list