[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Oct 13 08:31:47 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d2f0b7b7 by Moritz Muehlenhoff at 2023-10-13T09:30:11+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,23 @@
+CVE-2023-45365
+ NOT-FOR-US: MediaWiki extension Citoid
+CVE-2023-45366
+ NOT-FOR-US: MediaWiki extension Wikibase
+CVE-2023-45368
+ NOT-FOR-US: MediaWiki extension EntitySchema
CVE-2023-5562 (An unsafe default configuration in KNIME Analytics Platform before 5.2 ...)
- TODO: check
+ NOT-FOR-US: KNIME
CVE-2023-5556 (Cross-site Scripting (XSS) - Reflected in GitHub repository structuriz ...)
- TODO: check
+ NOT-FOR-US: structurizr/onpremises
CVE-2023-5555 (Cross-site Scripting (XSS) - Generic in GitHub repository frappe/lms p ...)
- TODO: check
+ NOT-FOR-US: frappe/lms
CVE-2023-5554 (Lack of TLS certificate verification in log transmission of a financia ...)
- TODO: check
+ NOT-FOR-US: LINE
CVE-2023-5072 (Denial of Service in JSON-Java versions up to and including 20230618. ...)
TODO: check
CVE-2023-5046 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Procost
CVE-2023-5045 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Kayisi
CVE-2023-45143 (Undici is an HTTP/1.1 client written from scratch for Node.js. Prior t ...)
TODO: check
CVE-2023-45142 (OpenTelemetry-Go Contrib is a collection of third-party packages for O ...)
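Review bot: the CVE-2023-5554 entry is closed as "NOT-FOR-US: LINE", the least specific label in this hunk, while the neighbouring entries name a product or repository (structurizr/onpremises, frappe/lms, "MediaWiki extension Citoid"). The list description is truncated at "log transmission of a financia ...", so naming the affected product on the NOT-FOR-US line would let a later triager confirm the decision without opening the CVE record. The same applies, to a lesser degree, to "NOT-FOR-US: KNIME", where the description already says "KNIME Analytics Platform".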
@@ -21,49 +27,49 @@ CVE-2023-45138 (Change Request is an pplication allowing users to request change
CVE-2023-45133 (Babel is a compiler for writingJavaScript. In `@babel/traverse` prior ...)
TODO: check
CVE-2023-45106 (Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45103 (Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Per ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45102 (Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Mana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45068 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45063 (Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI Content W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45060 (Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com Intera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45058 (Cross-Site Request Forgery (CSRF) vulnerability in KaizenCoders Short ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45052 (Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45048 (Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45047 (Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc Le ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45011 (Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Pow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44998 (Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43149 (SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) th ...)
- TODO: check
+ NOT-FOR-US: SPA-Cart
CVE-2023-43148 (SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability ...)
- TODO: check
+ NOT-FOR-US: SPA-Cart
CVE-2023-43147 (PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Reque ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers Limo Booking Software
CVE-2023-41131 (Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Da ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37637
REJECTED
CVE-2023-32634 (An authentication bypass vulnerability exists in the CiRpcServerThread ...)
- TODO: check
+ NOT-FOR-US: SoftEther VPN
CVE-2023-32275 (An information disclosure vulnerability exists in the CtEnumCa() funct ...)
- TODO: check
+ NOT-FOR-US: SoftEther VPN
CVE-2023-32124 (Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31192 (An information disclosure vulnerability exists in the ClientConnect() ...)
- TODO: check
+ NOT-FOR-US: SoftEther VPN
CVE-2023-27516 (An authentication bypass vulnerability exists in the CiRpcAccepted() f ...)
- TODO: check
+ NOT-FOR-US: SoftEther VPN
CVE-2023-36839
NOT-FOR-US: Juniper
CVE-2023-44204
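Review bot: the four SoftEther VPN entries (CVE-2023-32634, CVE-2023-32275, CVE-2023-31192, CVE-2023-27516) are closed as NOT-FOR-US, which records them as not affecting any Debian package. For a standalone VPN product it is worth confirming that no source package or packaging request exists before using that tag, and noting the result in the commit message, which currently reads only "NFUs". Separately, the "NOT-FOR-US: WordPress plugin" lines carry no plugin name and the descriptions are truncated, so adding the plugin name would make these entries searchable in data/CVE/list.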
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0b7b7fa4e5d734006135c560cc6be8d459c45