[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 25 21:16:03 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aac4e7f0 by Salvatore Bonaccorso at 2023-09-25T22:15:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,25 +9,25 @@ CVE-2023-5156 (A flaw was found in the GNU C Library. A recent fix for CVE-2023-
 CVE-2023-4892 (Teedy v1.11 has a vulnerability in its text editor that allows events  ...)
 	TODO: check
 CVE-2023-4631 (The DoLogin Security WordPress plugin before 3.7 uses headers such as  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4549 (The DoLogin Security WordPress plugin before 3.7 does not properly san ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4521 (The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4502 (The Translate WordPress with GTranslate WordPress plugin before 3.0.4  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4490 (The WP Job Portal WordPress plugin through 2.0.3 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4476 (The Locatoraid Store Locator WordPress plugin before 3.9.24 does not s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4300 (The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not fi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4281 (This Activity Log WordPress plugin before 2.8.8 retrieves client IP ad ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4238 (The Prevent files / folders access WordPress plugin before 2.5.2 does  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4148 (The Ditty WordPress plugin before 3.1.25 does not sanitise and escape  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-43644 (Sing-box is an open source proxy system. Affected versions are subject ...)
 	TODO: check
 CVE-2023-43642 (snappy-java is a Java port of the snappy, a fast C++ compresser/decomp ...)
@@ -45,7 +45,7 @@ CVE-2023-43319 (Cross Site Scripting (XSS) vulnerability in the Sign-In page of
 CVE-2023-43256 (A path traversal in Gladys Assistant v4.26.1 and below allows authenti ...)
 	TODO: check
 CVE-2023-43141 (TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulner ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-43131 (General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.)
 	TODO: check
 CVE-2023-42817 (Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The ...)
@@ -85,13 +85,13 @@ CVE-2023-41293 (Data security classification vulnerability in the DDMP module. S
 CVE-2023-40163 (An out-of-bounds write vulnerability exists in the allocate_buffer_for ...)
 	TODO: check
 CVE-2023-3664 (The FileOrganizer WordPress plugin through 1.0.2 does not restrict fun ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3550 (Mediawiki v1.40.0 does not validate namespaces used in XML files.  The ...)
 	TODO: check
 CVE-2023-3547 (The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3226 (The Popup Builder WordPress plugin through 4.1.15 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39640 (UpLight cookiebanner before 1.5.1 was discovered to contain a SQL inje ...)
 	TODO: check
 CVE-2023-39453 (A use-after-free vulnerability exists in the tif_parse_sub_IFD functio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aac4e7f0befd495f9dd24eac2acd29f9e88896f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aac4e7f0befd495f9dd24eac2acd29f9e88896f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230925/3165ceb4/attachment.htm>

More information about the debian-security-tracker-commits mailing list