[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Nov 28 08:27:33 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
28b0c12d by Salvatore Bonaccorso at 2023-11-28T09:27:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,21 +3,21 @@ CVE-2024-0070
 CVE-2024-0069
 	REJECTED
 CVE-2023-6226 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6225 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6219 (The BookingPress plugin for WordPress is vulnerable to arbitrary file  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5960 (An improper privilege management vulnerability in the hotspot feature  ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2023-5885 (The discontinued FFS Colibri product allows a remote user to access fi ...)
 	TODO: check
 CVE-2023-5797 (An improper privilege management vulnerability in the debug CLI comman ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2023-5773
 	REJECTED
 CVE-2023-5650 (An improper privilege management vulnerability in the ZySH of the Zyxe ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2023-4667 (The web interface of the PAC Device allows the device administrator us ...)
 	TODO: check
 CVE-2023-4398 (An integer overflow vulnerability in the source code of the QuickSec I ...)
@@ -39,17 +39,17 @@ CVE-2023-4221 (Command injection in `main/lp/openoffice_presentation.class.php`
 CVE-2023-4220 (Unrestricted file upload in big file upload functionality in `/main/in ...)
 	TODO: check
 CVE-2023-49145 (Apache NiFi 0.7.0 through 1.23.2 include the JoltTransformJSON Process ...)
-	TODO: check
+	NOT-FOR-US: Apache NiFi
 CVE-2023-49075 (The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBund ...)
-	TODO: check
+	NOT-FOR-US: Admin Classic Bundle for Pimcore
 CVE-2023-49044 (Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-49030 (SQL Injection vulnerability in32ns KLive v.2019-1-19 and before allows ...)
-	TODO: check
+	NOT-FOR-US: in32ns KLive
 CVE-2023-48713 (Knative Serving builds on Kubernetes to support deploying and serving  ...)
 	TODO: check
 CVE-2023-48188 (SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4 ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop opartdevis
 CVE-2023-48034 (An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker  ...)
 	TODO: check
 CVE-2023-48023 (Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor' ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28b0c12dddb2c68309e86b108e3f69ad9994a252

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28b0c12dddb2c68309e86b108e3f69ad9994a252
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231128/baa50a45/attachment-0001.htm>
