[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Apr 19 09:23:06 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45fd8b11 by Moritz Muehlenhoff at 2024-04-19T10:22:16+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107,15 +107,15 @@ CVE-2024-32552 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2024-32551 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-32477 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure  ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2024-32475 (Envoy is a cloud-native, open source edge and service proxy. When an u ...)
 	- envoyproxy <itp> (bug #987544)
 CVE-2024-32474 (Sentry is an error tracking and performance monitoring platform. Prior ...)
 	NOT-FOR-US: Sentry
 CVE-2024-32470 (Tolgee is an open-source localization platform. When API key created b ...)
-	TODO: check
+	NOT-FOR-US: Tolgee
 CVE-2024-32466 (Tolgee is an open-source localization platform. For the `/v2/projects/ ...)
-	TODO: check
+	NOT-FOR-US: Tolgee
 CVE-2024-32462 (Flatpak is a system for building, distributing, and running sandboxed  ...)
 	- flatpak 1.14.6-1
 	NOTE: https://www.openwall.com/lists/oss-security/2024/04/18/5
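Review bot: The Deno entry (CVE-2024-32477) and both Tolgee entries (CVE-2024-32470, CVE-2024-32466) move straight from `TODO: check` to `NOT-FOR-US`, while the neighbouring Envoy entry uses the `- envoyproxy <itp> (bug #987544)` form for software with an open packaging request. Please confirm that no ITP/RFP bug exists for Deno or Tolgee; if one does, the entry should use the `<itp>` form with the bug number so the CVE is still tracked once a package reaches the archive.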
@@ -145,55 +145,55 @@ CVE-2024-32126 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2024-31229 (Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plug ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-30564 (An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1. ...)
-	TODO: check
+	NOT-FOR-US: nora-firebase-common
 CVE-2024-30257 (1Panel is an open source Linux server operation and maintenance manage ...)
-	TODO: check
+	NOT-FOR-US: 1Panel
 CVE-2024-2833 (The Jobs for WordPress plugin for WordPress is vulnerable to Reflected ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2796 (A server-side request forgery (SSRF) was discovered in the Akana Commu ...)
-	TODO: check
+	NOT-FOR-US: Akana Community Manager Developer Portal
 CVE-2024-29987 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29986 (Microsoft Edge for Android (Chromium-based) Information Disclosure Vul ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29021 (Judge0 is an open-source online code execution system. The default con ...)
-	TODO: check
+	NOT-FOR-US: Judge0
 CVE-2024-29003 (The SolarWinds Platform was susceptible to a XSS vulnerability that af ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2024-29001 (A SolarWinds Platform SWQL Injection Vulnerability was identified in t ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2024-28189 (Judge0 is an open-source online code execution system. The application ...)
-	TODO: check
+	NOT-FOR-US: Judge0
 CVE-2024-28185 (Judge0 is an open-source online code execution system. The application ...)
-	TODO: check
+	NOT-FOR-US: Judge0
 CVE-2024-28076 (The SolarWinds Platform was susceptible to a Arbitrary Open Redirectio ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2024-27306 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
 	TODO: check
 CVE-2024-24910 (A local attacker can escalate privileges on affected Check Point ZoneA ...)
-	TODO: check
+	NOT-FOR-US: Check Point
 CVE-2024-23557 (HCL Connections contains a user enumeration vulnerability. Certain act ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-20380 (A vulnerability in the HTML parser of ClamAV could allow an unauthenti ...)
 	TODO: check
 CVE-2023-6897 (The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6892 (The EAN for WooCommerce plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-50885 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49742 (Missing Authorization vulnerability in Support Genix.This issue affect ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47843 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-41864 (Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group Pe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-3758 (A race condition flaw was found in sssd where the GPO policy is not co ...)
 	TODO: check
 CVE-2023-3675 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Secomea GateManager
 CVE-2024-XXXX [tryton zipbomb DoS]
 	- tryton-server 6.0.45-1
 	[bookworm] - tryton-server <no-dsa> (Minor issue)
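Review bot: CVE-2024-29987 and CVE-2024-29986 are tagged `NOT-FOR-US: Microsoft`, but both descriptions say "Chromium-based"; please confirm the flaw is in Edge-specific code and not in shared Chromium code before closing them as NFU. Separately, the entries tagged `NOT-FOR-US: WordPress plugin` for CVE-2023-50885, CVE-2023-49768, CVE-2023-49742, CVE-2023-47843 and CVE-2023-41864 have truncated descriptions that do not mention WordPress in the visible text, so the classification cannot be checked from this diff alone and should be verified against the full description. As a style point, the labels mix vendor names (`Microsoft`, `HCL`, `Check Point`, `SolarWinds`) with product names (`Akana Community Manager Developer Portal`, `Secomea GateManager`); settling on one convention keeps later searches over `data/CVE/list` predictable.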



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45fd8b11d8c87dc23b15201db1217c055fbd076a
