[Git][security-tracker-team/security-tracker][master] NFUs from Red Hat

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Apr 10 13:12:05 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
604d35a9 by Moritz Muehlenhoff at 2024-04-10T14:11:31+02:00
NFUs from Red Hat

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2024-2905
+	NOT-FOR-US: rpm-ostree
+CVE-2024-2243
+	NOT-FOR-US: csmock
 CVE-2024-3556
 	REJECTED
 CVE-2024-3542 (A vulnerability classified as problematic was found in Campcodes Churc ...)
@@ -137,7 +141,7 @@ CVE-2024-0159 (Dell Alienware Command Center, versions 5.5.52.0 and prior, conta
 CVE-2023-6385 (The WordPress Ping Optimizer WordPress plugin through 2.35.1.3.0 does  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-6236 (A flaw was found in JBoss EAP. When an OIDC app that serves multiple t ...)
-	TODO: check
+	NOT-FOR-US: JBoss EAP
 CVE-2023-50347 (HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnera ...)
 	NOT-FOR-US: HCL
 CVE-2023-40148 (Server-side request forgery (SSRF) in PingFederate allows unauthentica ...)
@@ -702,7 +706,7 @@ CVE-2024-21447 (Windows Authentication Elevation of Privilege Vulnerability)
 CVE-2024-21424 (Azure Compute Gallery Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-21409 (.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerab ...)
-	NOT-FOR-US: Microsoft
+	NOT-FOR-US: Microsoft .NET
 CVE-2024-21324 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-21323 (Microsoft Defender for IoT Remote Code Execution Vulnerability)
@@ -993,7 +997,7 @@ CVE-2024-22949 (JFreeChart v1.5.4 was discovered to contain a NullPointerExcepti
 CVE-2024-1664 (The Responsive Gallery Grid WordPress plugin before 2.3.11 does not sa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1233 (A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, wher ...)
-	TODO: check
+	NOT-FOR-US: JBoss EAP
 CVE-2024-0083 (NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where a ...)
 	NOT-FOR-US: NVIDIA ChatRTX
 CVE-2024-0082 (NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604d35a9213ce2c8c2243a91182f6841b6a09fd6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604d35a9213ce2c8c2243a91182f6841b6a09fd6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240410/8cf8bd93/attachment.htm>

More information about the debian-security-tracker-commits mailing list