[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 20 10:36:51 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb2468ba by Salvatore Bonaccorso at 2023-09-20T11:36:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2023-5063 (The Widget Responsive for Youtube plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5062 (The WordPress Charts plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4088 (Incorrect Default Permissions vulnerability due to incomplete fix to a ...)
 	TODO: check
 CVE-2023-43621 (An issue was discovered in Croc through 9.6.5. The shared secret, loca ...)
@@ -17,13 +17,13 @@ CVE-2023-43617 (An issue was discovered in Croc through 9.6.5. When a custom sha
 CVE-2023-43616 (An issue was discovered in Croc through 9.6.5. A sender can cause a re ...)
 	TODO: check
 CVE-2023-40934 (A SQL injection vulnerability in Nagios XI 5.11.1 and below allows aut ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2023-40933 (A SQL injection vulnerability in Nagios XI v5.11.1 and below allows au ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2023-40932 (A Cross-site scripting (XSS) vulnerability in Nagios XI version 5.11.1 ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2023-40931 (A SQL injection vulnerability in Nagios XI from version 5.11.0 up to a ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2023-39575 (A reflected cross-site scripting (XSS) vulnerability in the url_str UR ...)
 	TODO: check
 CVE-2023-38888 (Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and be ...)
@@ -33,7 +33,7 @@ CVE-2023-38887 (File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and befor
 CVE-2023-38886 (An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privi ...)
 	TODO: check
 CVE-2023-36319 (File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: Openupload Stable
 CVE-2023-4376 (The Serial Codes Generator and Validator with WooCommerce Support Word ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-4096 (Weak password recovery mechanism vulnerability in Fujitsu Arconte \xc1 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb2468ba840de578fb0daaf24b04c6531a6578ba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb2468ba840de578fb0daaf24b04c6531a6578ba
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230920/d0b67f85/attachment.htm>

More information about the debian-security-tracker-commits mailing list