[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 9 21:46:10 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bfc82b07 by Salvatore Bonaccorso at 2024-04-09T22:45:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2024-3545 (Improper permission handling in the vault offline cache feature in Dev ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-3514 (The Responsive Tabs plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3512 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3446 (A double free vulnerability was found in QEMU virtio devices (virtio-g ...)
 	TODO: check
 CVE-2024-3281 (A vulnerability was discovered in the firmware builds after 8.0.2.3267 ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2024-3267 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3266 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3244 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3214 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3213 (The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3208 (The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3167 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3136 (The MasterStudy LMS plugin for WordPress is vulnerable to Local File I ...)
 	TODO: check
 CVE-2024-3097 (The WordPress Gallery Plugin \u2013 NextGEN Gallery plugin for WordPre ...)
@@ -35,7 +35,7 @@ CVE-2024-3053 (The Forminator \u2013 Contact Form, Payment Form & Custom Form Bu
 CVE-2024-3046 (In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4 ...)
 	TODO: check
 CVE-2024-31978 (A vulnerability has been identified in SINEC NMS (All versions < V2.0  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-31868 (Improper Encoding or Escaping of Output vulnerability in Apache Zeppel ...)
 	NOT-FOR-US: Apache Zeppelin
 CVE-2024-31867 (Improper Input Validation vulnerability in Apache Zeppelin.  The attac ...)
@@ -51,15 +51,15 @@ CVE-2024-31863 (Authentication Bypass by Spoofing vulnerability by replacing to
 CVE-2024-31862 (Improper Input Validation vulnerability in Apache Zeppelin when creati ...)
 	NOT-FOR-US: Apache Zeppelin
 CVE-2024-31860 (Improper Input Validation vulnerability in Apache Zeppelin.  By adding ...)
-	TODO: check
+	NOT-FOR-US: Apache Zeppelin
 CVE-2024-31544 (A stored cross-site scripting (XSS) vulnerability in Computer Laborato ...)
-	TODO: check
+	NOT-FOR-US: Computer Laboratory Management System
 CVE-2024-31507 (Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Online Graduate Tracer System
 CVE-2024-31506 (Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Online Graduate Tracer System
 CVE-2024-31487 (A improper limitation of a pathname to a restricted directory ('path t ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2024-31457 (gin-vue-admin is a backstage management system based on vue and gin, w ...)
 	TODO: check
 CVE-2024-31455 (Minder by Stacklok is an open source software supply chain security pl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfc82b0768a3df74943cce529c9f5d35fb6a7823

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfc82b0768a3df74943cce529c9f5d35fb6a7823
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240409/0d3ee164/attachment.htm>

More information about the debian-security-tracker-commits mailing list