[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 09 Nov 2023 12:44:48 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e50ab6b3 by Salvatore Bonaccorso at 2023-11-09T21:44:01+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,43 +55,43 @@ CVE-2023-46743 (application-collabora is an integration of 
Collabora Online in X
 CVE-2023-46614 (Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao 
Corp WP Hel ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45885 (Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka 
openmct ...)
-       TODO: check
+       NOT-FOR-US: NASA Open MCT (aka openmct)
 CVE-2023-45884 (Cross Site Request Forgery (CSRF) vulnerability in NASA Open 
MCT (aka  ...)
-       TODO: check
+       NOT-FOR-US: NASA Open MCT (aka openmct)
 CVE-2023-43791 (Label Studio is a multi-type data labeling and annotation tool 
with st ...)
-       TODO: check
+       NOT-FOR-US: HumanSignal Label Studio
 CVE-2023-41138 (The AppsAnywhere macOS client-privileged helper can be tricked 
into ex ...)
-       TODO: check
+       NOT-FOR-US: AppsAnywhere macOS client-privileged helper
 CVE-2023-41137 (Symmetric encryption used to protect messages between the 
AppsAnywhere ...)
-       TODO: check
+       NOT-FOR-US: AppsAnywhere
 CVE-2023-40055 (The Network Configuration Manager was susceptible to a 
Directory Trave ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2023-40054 (The Network Configuration Manager was susceptible to a 
Directory Trave ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2023-39198 (A race condition was found in the QXL driver in the Linux 
kernel. The  ...)
        TODO: check
 CVE-2023-36688 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Mich ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34386 (Cross-Site Request Forgery (CSRF) vulnerability in WPClever 
WPC Smart  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34371 (Cross-Site Request Forgery (CSRF) vulnerability in Didier 
Sampaolo Spa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34182 (Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw 
LH Passw ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34181 (Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus 
plugin <= ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34178 (Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg 
Inc. Gro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34177 (Cross-Site Request Forgery (CSRF) vulnerability in Kenth 
Hagstr\xf6m W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34171 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven 
WP Repor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34169 (Cross-Site Request Forgery (CSRF) vulnerability in SAKURA 
Internet Inc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34033 (Cross-Site Request Forgery (CSRF) vulnerability in Malinky 
Ajax Pagina ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34002 (Cross-Site Request Forgery (CSRF) vulnerability in WP 
Inventory Manage ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-46857
        NOT-FOR-US: Squidex
 CVE-2023-5079 (Lenovo LeCloud App improper input validation allows attackers 
to acces ...)
@@ -26246,7 +26246,7 @@ CVE-2023-31089
 CVE-2023-31088
        RESERVED
 CVE-2023-31087 (Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS 
Job Mana ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31086
        RESERVED
 CVE-2023-31085 (An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux 
kernel  ...)
@@ -41302,7 +41302,7 @@ CVE-2023-26158
 CVE-2023-26157
        RESERVED
 CVE-2023-26156 (Versions of the package chromedriver before 119.0.1 are 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: chromedriver Node.js module
 CVE-2023-26155 (All versions of the package node-qpdf are vulnerable to 
Command Inject ...)
        NOT-FOR-US: node-qpdf
 CVE-2023-26154
@@ -41823,7 +41823,7 @@ CVE-2023-25996
 CVE-2023-25995
        RESERVED
 CVE-2023-25994 (Cross-Site Request Forgery (CSRF) vulnerability in Alex 
Benfica Publis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25993
        RESERVED
 CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Crea ...)
@@ -41861,7 +41861,7 @@ CVE-2023-25977 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
 CVE-2023-25976 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks 
Integrati ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25975 (Cross-Site Request Forgery (CSRF) vulnerability in 
Fr\xe9d\xe9ric Shee ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-25974 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in psic ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25973 (Cross-Site Request Forgery (CSRF) vulnerability in Lucian 
Apostol Auto ...)
@@ -67122,7 +67122,7 @@ CVE-2020-36608 (A vulnerability, which was classified 
as problematic, has been f
 CVE-2023-20903 (This disclosure regards a vulnerability related to UAA refresh 
tokens  ...)
        NOT-FOR-US: Cloud Foundry
 CVE-2023-20902 (A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and 
below,  ...)
-       TODO: check
+       NOT-FOR-US: Harbor
 CVE-2023-20901
        RESERVED
 CVE-2023-20900 (A malicious actor that has been granted  Guest Operation 
Privileges ht ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e50ab6b3d6f1ac1e9038bf9f4150c020c459684e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e50ab6b3d6f1ac1e9038bf9f4150c020c459684e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to