[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
280b5aa1 by Moritz Muehlenhoff at 2023-11-19T21:29:52+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-46302
+	NOT-FOR-US: Apache Submarine
 CVE-2023-47685 (Cross-Site Request Forgery (CSRF) vulnerability in Lukman Nakib Preloa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-47672 (Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Categor ...)
@@ -37,13 +39,13 @@ CVE-2023-47519 (Cross-Site Request Forgery (CSRF) vulnerability in WC Product Ta
 CVE-2023-47243 (Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop \ucf54\ub ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-41129 (Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32514 (Cross-Site Request Forgery (CSRF) vulnerability in Himanshu Parashar G ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32504 (Cross-Site Request Forgery (CSRF) vulnerability in Kainex Wise Chat.Th ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-32245 (Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essenti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48736 (In International Color Consortium DemoIccMAX 3e7948b, CIccCLUT::Interp ...)
 	NOT-FOR-US: International Color Consortium DemoIccMAX
 CVE-2023-40363 (IBM InfoSphere Information Server 11.7 could allow an authenticated us ...)
@@ -101,9 +103,9 @@ CVE-2023-48185 (Directory Traversal vulnerability in TerraMaster v.s1.0 through
 CVE-2023-48029 (Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with ...)
 	NOT-FOR-US: Corebos
 CVE-2023-48025 (Liblisp through commit 4c65969 was discovered to contain a out-of-boun ...)
-	TODO: check
+	NOT-FOR-US: Liblisp
 CVE-2023-48024 (Liblisp through commit 4c65969 was discovered to contain a use-after-f ...)
-	TODO: check
+	NOT-FOR-US: Liblisp
 CVE-2023-47757 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-47073 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
@@ -27859,7 +27861,7 @@ CVE-2023-31091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
 CVE-2023-31090
 	RESERVED
 CVE-2023-31089 (Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31088 (Cross-Site Request Forgery (CSRF) vulnerability in Faraz Quazi Floatin ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31087 (Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Mana ...)
@@ -27896,7 +27898,7 @@ CVE-2023-31077 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export
 CVE-2023-31076 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31075 (Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-31074 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 E ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-31073
@@ -34946,7 +34948,7 @@ CVE-2023-28782
 CVE-2023-28781 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Con ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28780 (Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-28779 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vladimir ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28778 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Best ...)
@@ -42326,7 +42328,7 @@ CVE-2023-26366 (Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and
 CVE-2023-26365
 	RESERVED
 CVE-2023-26364 (@adobe/css-tools version 4.3.0 and earlier are affected by an Improper ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-26363
 	RESERVED
 CVE-2023-26362
@@ -43471,7 +43473,7 @@ CVE-2023-25987
 CVE-2023-25986
 	RESERVED
 CVE-2023-25985 (Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-25984 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rigo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25983 (Improper Neutralization of Formula Elements in a CSV File vulnerabilit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/280b5aa1a1b376c096fc1767240ce1be0259ec5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/280b5aa1a1b376c096fc1767240ce1be0259ec5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231119/71b04ba4/attachment.htm>