[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 20 20:17:49 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8573047 by Salvatore Bonaccorso at 2023-11-20T21:17:14+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
 CVE-2023-6197 (The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6196 (The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6045 (in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-5799 (The WP Hotel Booking WordPress plugin before 2.0.8 does not have prope ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5652 (The WP Hotel Booking WordPress plugin before 2.0.8 does not have autho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5651 (The WP Hotel Booking WordPress plugin before 2.0.8 does not have autho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5640 (The Article Analytics WordPress plugin does not properly sanitise and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5610 (The Seraphinite Accelerator WordPress plugin before 2.2.29 does not va ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5609 (The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5593 (The out-of-bounds write vulnerability in the Windows-based SecuExtende ...)
-	TODO: check
+	NOT-FOR-US: SecuExtender SSL VPN Client
 CVE-2023-5509 (The myStickymenu WordPress plugin before 2.6.5 does not adequately aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5343 (The Popup box WordPress plugin before 3.7.9 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5340 (The Five Star Restaurant Menu and Food Ordering WordPress plugin befor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5140 (The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5119 (The Forminator WordPress plugin before 1.27.0 does not properly saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4970 (The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4824 (The WooHoo Newspaper Magazine theme does not have CSRF check in place  ...)
-	TODO: check
+	NOT-FOR-US: WooHoo Newspaper Magazine theme
 CVE-2023-4808 (The WP Post Popup WordPress plugin through 3.7.3 does not sanitise and ...)
 	TODO: check
 CVE-2023-4799 (The Magic Embeds WordPress plugin through 3.0.10 does not validate and ...)
@@ -39,15 +39,15 @@ CVE-2023-4799 (The Magic Embeds WordPress plugin through 3.0.10 does not validat
 CVE-2023-48309 (NextAuth.js provides authentication for Next.js. `next-auth` applicati ...)
 	TODO: check
 CVE-2023-48300 (The `Embed Privacy` plugin for WordPress that prevents the loading of  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-48293 (The XWiki Admin Tools Application provides tools to help the administr ...)
-	TODO: check
+	NOT-FOR-US: XWiki Admin Tools Application
 CVE-2023-48292 (The XWiki Admin Tools Application provides tools to help the administr ...)
-	TODO: check
+	NOT-FOR-US: XWiki Admin Tools Application
 CVE-2023-48241 (XWiki Platform is a generic wiki platform. Starting in version 6.3-mil ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-48240 (XWiki Platform is a generic wiki platform. The rendered diff in XWiki  ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2023-48223 (fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to v ...)
 	TODO: check
 CVE-2023-48221 (wire-avs provides Audio, Visual, and Signaling (AVS) functionality sur ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8573047a6c99895060ac21786d3988caeadb621

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8573047a6c99895060ac21786d3988caeadb621
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231120/2069ab7a/attachment.htm>

More information about the debian-security-tracker-commits mailing list