[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
609f5e65 by Moritz Muehlenhoff at 2024-04-11T16:42:45+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,7 +50,7 @@ CVE-2024-30916 (An issue was discovered in eProsima FastDDS v.2.14.0 and before,
 	[bullseye] - fastdds <no-dsa> (Minor issue)
 	NOTE: https://github.com/eProsima/Fast-DDS/issues/4609
 CVE-2024-30915 (An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de ...)
-	TODO: check
+	NOT-FOR-US: OpenDDS
 CVE-2024-30885 (Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, a ...)
 	NOT-FOR-US: HadSky
 CVE-2024-30884 (Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version  ...)
@@ -304,9 +304,9 @@ CVE-2024-23735 (Cross Site Scripting (XSS) vulnerability in in the S/MIME certif
 CVE-2024-23734 (Cross Site Request Forgery vulnerability in in the upload functionalit ...)
 	NOT-FOR-US: savignano S/Notify
 CVE-2024-23083 (Time4J Base v5.9.3 was discovered to contain a NullPointerException vi ...)
-	TODO: check
+	NOT-FOR-US: Time4J Base
 CVE-2024-23080 (Joda Time v2.12.5 was discovered to contain a NullPointerException via ...)
-	TODO: check
+	NOT-FOR-US: Joda Time
 CVE-2024-23077 (JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBo ...)
 	- libjfreechart-java <unfixed>
 CVE-2024-23076 (FreeChart v1.5.4 was discovered to contain a NullPointerException via  ...)
@@ -338,19 +338,19 @@ CVE-2024-1740 (In lunary-ai/lunary version 1.0.1, a vulnerability exists where a
 CVE-2024-1728 (gradio-app/gradio is vulnerable to a local file inclusion vulnerabilit ...)
 	NOT-FOR-US: Gradio
 CVE-2024-1643 (By knowing an organization's ID, an attacker can join the organization ...)
-	TODO: check
+	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-1625 (An Insecure Direct Object Reference (IDOR) vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-1602 (parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms-webui
 CVE-2024-1600 (A Local File Inclusion (LFI) vulnerability exists in the parisneo/loll ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms-webui
 CVE-2024-1599 (lunary-ai/lunary version 0.3.0 is vulnerable to unauthorized project c ...)
 	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-1520 (An OS Command Injection vulnerability exists in the '/open_code_folder ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms-webui
 CVE-2024-1511 (The parisneo/lollms-webui repository is susceptible to a path traversa ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms-webui
 CVE-2024-0218 (A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, c ...)
 	NOT-FOR-US: Nozomi Networks Guardian
 CVE-2023-6916 (Audit records for OpenAPI requests may include sensitive information.  ...)
@@ -1532,7 +1532,7 @@ CVE-2024-23584 (The NMAP Importer service may expose data store credentials to a
 CVE-2024-23084 (Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsExce ...)
 	- libapfloat-java <unfixed>
 CVE-2024-23081 (ThreeTen Backport v1.6.8 was discovered to contain a NullPointerExcept ...)
-	TODO: check
+	NOT-FOR-US: ThreeTen Backport
 CVE-2024-23079 (JGraphT Core v1.5.2 was discovered to contain a NullPointerException v ...)
 	- jgrapht <unfixed>
 CVE-2024-22949 (JFreeChart v1.5.4 was discovered to contain a NullPointerException via ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609f5e65ca7929de8337764f58d4a44ce3cf7b8f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609f5e65ca7929de8337764f58d4a44ce3cf7b8f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240411/88d6fe95/attachment-0001.htm>