[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 10 21:42:29 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e8b895c by Salvatore Bonaccorso at 2023-11-10T22:42:04+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,17 +43,17 @@ CVE-2023-46733 (Symfony is a PHP framework for web and console applications and
 CVE-2023-46130 (Discourse is an open source platform for community discussion. Prior t ...)
 	NOT-FOR-US: Discourse
 CVE-2023-45816 (Discourse is an open source platform for community discussion. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-45806 (Discourse is an open source platform for community discussion. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2023-41285 (A SQL injection vulnerability has been reported to affect QuMagie. If  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-41284 (A SQL injection vulnerability has been reported to affect QuMagie. If  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-39295 (An OS command injection vulnerability has been reported to affect QuMa ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-36027 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-5870
 	- postgresql-16 16.1-1
 	- postgresql-15 <unfixed>
@@ -333,7 +333,7 @@ CVE-2023-3959 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,  CB
 CVE-2023-39435 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,  CB6231, ...)
 	NOT-FOR-US: Zavio
 CVE-2023-37790 (Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an ...)
-	TODO: check
+	NOT-FOR-US: Jaspersoft Clarity PPM
 CVE-2023-37533 (HCL Connections is vulnerable to reflected cross-site scripting (XSS)  ...)
 	NOT-FOR-US: HCL
 CVE-2023-36667 (Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Dire ...)
@@ -26418,9 +26418,9 @@ CVE-2023-31080
 CVE-2023-31079 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31078 (Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31077 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31076 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31075
@@ -28513,7 +28513,7 @@ CVE-2023-30480
 CVE-2023-30479
 	RESERVED
 CVE-2023-30478 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newslette ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-30477 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30476
@@ -31066,7 +31066,7 @@ CVE-2023-29442 (Zoho ManageEngine Applications Manager before 16400 allows proxy
 CVE-2023-29441 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert H ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29440 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29439 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugi ...)
 	NOT-FOR-US: FooGallery
 CVE-2023-29438 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric ...)
@@ -31090,11 +31090,11 @@ CVE-2023-29430 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CT
 CVE-2023-29429
 	RESERVED
 CVE-2023-29428 (Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb So ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29427 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Book ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-29426 (Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29425
 	RESERVED
 CVE-2023-29424 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plai ...)
@@ -50159,7 +50159,7 @@ CVE-2023-23369 (An OS command injection vulnerability has been reported to affec
 CVE-2023-23368 (An OS command injection vulnerability has been reported to affect seve ...)
 	NOT-FOR-US: QNAP
 CVE-2023-23367 (An OS command injection vulnerability has been reported to affect seve ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2023-23366 (A path traversal vulnerability has been reported to affect Music Stati ...)
 	NOT-FOR-US: QNAP
 CVE-2023-23365 (A path traversal vulnerability has been reported to affect Music Stati ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e8b895ccf40f72fae0f03a3628840576fd9c354

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e8b895ccf40f72fae0f03a3628840576fd9c354
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231110/68ab1b6d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list