[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1024c9b7 by Salvatore Bonaccorso at 2024-08-05T22:33:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2024-7397 (Improper filering of special characters result in a command ('command  ...)
-	TODO: check
+	NOT-FOR-US: Korenix JetPort
 CVE-2024-7396 (Missing encryption of sensitive data in Korenix JetPort 5601v3 allows  ...)
-	TODO: check
+	NOT-FOR-US: Korenix JetPort
 CVE-2024-7395 (An authentication bypass vulnerability in Korenix JetPort 5601v3 allow ...)
-	TODO: check
+	NOT-FOR-US: Korenix JetPort
 CVE-2024-6915 (JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7. ...)
-	TODO: check
+	NOT-FOR-US: JFrog Artifactory
 CVE-2024-6865
 	REJECTED
 CVE-2024-6361 (Improper Neutralization vulnerability (XSS) has been discovered in Ope ...)
-	TODO: check
+	NOT-FOR-US: OpenText ALM Octane
 CVE-2024-4607 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2024-42350 (Biscuit is an authorization token with decentralized verification, off ...)
-	TODO: check
+	NOT-FOR-US: Biscuit
 CVE-2024-41960 (mailcow: dockerized is an open source groupware/email suite based on d ...)
-	TODO: check
+	NOT-FOR-US: Mailcow
 CVE-2024-41959 (mailcow: dockerized is an open source groupware/email suite based on d ...)
-	TODO: check
+	NOT-FOR-US: Mailcow
 CVE-2024-41958 (mailcow: dockerized is an open source groupware/email suite based on d ...)
-	TODO: check
+	NOT-FOR-US: Mailcow
 CVE-2024-41381 (microweber 2.0.16 was discovered to contain a Cross Site Scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2024-41380 (microweber 2.0.16 was discovered to contain a Cross Site Scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: microweber
 CVE-2024-41376 (dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/a ...)
-	TODO: check
+	NOT-FOR-US: dzzoffice
 CVE-2024-41200 (A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: KMPlayer (different from src:kmplayer)
 CVE-2024-40531 (An issue in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.4 ...)
-	TODO: check
+	NOT-FOR-US: UAB Lexita PanteraCRM CMS
 CVE-2024-40530 (Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401. ...)
-	TODO: check
+	NOT-FOR-US: UAB Lexita PanteraCRM CMS
 CVE-2024-40498 (SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem  ...)
-	TODO: check
+	NOT-FOR-US: PuneethReddyHC Online Shopping sysstem
 CVE-2024-40096 (The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application ...)
-	TODO: check
+	NOT-FOR-US: com.cascadialabs.who (aka Who - Caller ID, Spam Block) application
 CVE-2024-33034 (Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU  ...)
 	TODO: check
 CVE-2024-33028 (Memory corruption as fence object may still be accessed in timeline de ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1024c9b7f1b4be1a6d132e55447d322500b7a001

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1024c9b7f1b4be1a6d132e55447d322500b7a001
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240805/6acd355a/attachment.htm>