[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fa5c0f7c by Salvatore Bonaccorso at 2024-04-25T09:23:57+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -82,7 +82,7 @@ CVE-2024-4066 (A vulnerability classified as critical has been found in Tenda AC
 CVE-2024-3371 (MongoDB Compass may accept and use insufficiently validated input from ...)
 	TODO: check
 CVE-2024-3261 (The Strong Testimonials WordPress plugin before 3.1.12 does not valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-33531 (cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsi ...)
 	TODO: check
 CVE-2024-32958 (Cross-Site Request Forgery (CSRF) vulnerability in Giorgos Sarigiannid ...)
@@ -208,21 +208,21 @@ CVE-2024-32678 (Missing Authorization vulnerability in TrackShip TrackShip for W
 CVE-2024-32677 (Missing Authorization vulnerability in LoginPress LoginPress Pro.This  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-32675 (Missing Authorization vulnerability in Xfinity Soft Order Limit for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-32662 (FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...)
 	TODO: check
 CVE-2024-32432 (Missing Authorization vulnerability in Ovic Team Ovic Addon Toolkit.Th ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-32078 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-32051 (Insertion of sensitive information into log file issue exists in RoamW ...)
-	TODO: check
+	NOT-FOR-US: RoamWiFi
 CVE-2024-31616 (An issue discovered in RG-RSR10-01G-T(W)-S and RG-RSR10-01G-T(WA)-S ro ...)
 	TODO: check
 CVE-2024-31406 (Active debug code vulnerability exists in RoamWiFi R10 prior to 4.8.45 ...)
-	TODO: check
+	NOT-FOR-US: RoamWiFi
 CVE-2024-30886 (A stored cross-site scripting (XSS) vulnerability in the remotelink fu ...)
-	TODO: check
+	NOT-FOR-US: HadSky
 CVE-2024-2972 (The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, ...)
 	TODO: check
 CVE-2024-2404 (The Better Comments WordPress plugin before 1.5.6 does not sanitise an ...)
@@ -230,15 +230,15 @@ CVE-2024-2404 (The Better Comments WordPress plugin before 1.5.6 does not saniti
 CVE-2024-2402 (The Better Comments WordPress plugin before 1.5.6 does not sanitise an ...)
 	TODO: check
 CVE-2024-28977 (Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-28976 (Dell Repository Manager, versions prior to 3.4.5, contains a Path Trav ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-28963 (Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-28825 (Improper restriction of excessive authentication attempts on some auth ...)
 	TODO: check
 CVE-2024-28613 (SQL Injection vulnerability in PHP Task Management System v.1.0 allows ...)
-	TODO: check
+	NOT-FOR-US: PHP Task Management System
 CVE-2024-27791 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	TODO: check
 CVE-2024-27537



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa5c0f7c0cdc5f001350031443a630450e27c77b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa5c0f7c0cdc5f001350031443a630450e27c77b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240425/a0849267/attachment-0001.htm>