[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Apr 4 12:27:33 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b9cda3f by Moritz Muehlenhoff at 2024-04-04T13:27:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2024-30255
+	- envoyproxy <itp> (bug #987544)
 CVE-2024-28182
 	- nghttp2 <unfixed>
 	NOTE: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
@@ -851,9 +853,9 @@ CVE-2024-24506 (Cross Site Scripting (XSS) vulnerability in Lime Survey Communit
 CVE-2024-1327 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-35764 (Insufficient verification of data authenticity issue in Survey Maker p ...)
-	TODO: check
+	NOT-FOR-US: Survey Maker
 CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site scripting vul ...)
-	TODO: check
+	NOT-FOR-US: Survey Maker
 CVE-2024-3159
 	{DSA-5654-1}
 	- chromium 123.0.6312.105-1
@@ -898,13 +900,13 @@ CVE-2024-30531 (Server-Side Request Forgery (SSRF) vulnerability in Nelio Softwa
 CVE-2024-30335 (Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Di ...)
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2024-30248 (Piccolo Admin is an admin interface/content management system for Pyth ...)
-	TODO: check
+	NOT-FOR-US: Piccolo Admin
 CVE-2024-2931 (The WPFront User Role Editor plugin for WordPress is vulnerable to Sen ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2745 (Rapid7's InsightVM maintenance mode login page suffers from a sensitiv ...)
 	NOT-FOR-US: Rapid7
 CVE-2024-2435 (For an attacker with pre-existing access to send a signal to a workflo ...)
-	TODO: check
+	NOT-FOR-US: Temporal ui-server
 CVE-2024-2389 (In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system c ...)
 	NOT-FOR-US: Flowmon
 CVE-2024-29949 (There is a command injection vulnerability in some Hikvision NVRs. Thi ...)
@@ -936,23 +938,23 @@ CVE-2024-1807 (The Product Sort and Display for WooCommerce plugin for WordPress
 CVE-2024-1732 (The Sharkdropship for AliExpress Dropshipping and Affiliate plugin for ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-6951 (A Use of Weak Credentials vulnerability affecting the Wi-Fi network ge ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-6950 (An Improper Input Validation vulnerability affecting the FTP service r ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-6949 (A Missing Authentication for Critical Function issue affecting the HTT ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-6948 (A Buffer Copy without Checking Size of Input issue affecting the v2_sd ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-51456 (A Improper Input Validation issue affecting the v2_sdk_service running ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-51455 (A Improper Validation of Array Index issue affecting the v2_sdk_servic ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-51454 (A Out-of-bounds Write issue affecting the v2_sdk_service running on a  ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-51453 (A Improper Input Validation issue affecting the v2_sdk_service running ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-51452 (A Improper Input Validation issue affecting the v2_sdk_service running ...)
-	TODO: check
+	NOT-FOR-US: DJI
 CVE-2023-50313 (IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than ...)
 	NOT-FOR-US: IBM
 CVE-2024-3165 (System->Maintenance-> Log Files in dotCMS dashboard is providing the u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b9cda3ff33c33839793849c4f3cade8187a1bb9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b9cda3ff33c33839793849c4f3cade8187a1bb9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240404/607ab8c1/attachment.htm>

More information about the debian-security-tracker-commits mailing list