[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 30 20:31:38 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bb03737 by Salvatore Bonaccorso at 2024-08-30T21:30:20+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,21 +18,21 @@ CVE-2024-8234 (** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability
 CVE-2024-8016 (The Events Calendar Pro plugin for WordPress is vulnerable to PHP Obje ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6672 (In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vul ...)
-	TODO: check
+	NOT-FOR-US: WhatsUp Gold
 CVE-2024-6671 (In WhatsUp Gold versions released before 2024.0.0, if the application  ...)
-	TODO: check
+	NOT-FOR-US: WhatsUp Gold
 CVE-2024-6670 (In WhatsUp Gold versions released before 2024.0.0,a SQL Injection vuln ...)
-	TODO: check
+	NOT-FOR-US: WhatsUp Gold
 CVE-2024-5879 (The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms & Analytics  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5784 (The Tutor LMS  Pro plugin for WordPress is vulnerable to unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5061 (The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5024 (The Memberpress plugin for WordPress is vulnerable to Reflected Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4401 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45492 (An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in  ...)
 	- expat <unfixed>
 	NOTE: https://github.com/libexpat/libexpat/pull/892
@@ -46,7 +46,7 @@ CVE-2024-45490 (An issue was discovered in libexpat before 2.6.3. xmlparse.c doe
 	NOTE: https://github.com/libexpat/libexpat/pull/890
 	NOTE: https://github.com/libexpat/libexpat/issues/887
 CVE-2024-45488 (One Identity Safeguard for Privileged Passwords before 7.5.2 allows un ...)
-	TODO: check
+	NOT-FOR-US: One Identity Safeguard for Privileged Passwords
 CVE-2024-45302 (RestSharp is a Simple REST and HTTP API Client for .NET. The second ar ...)
 	TODO: check
 CVE-2024-44944 [netfilter: ctnetlink: use helper function to calculate expect ID]
@@ -54,21 +54,21 @@ CVE-2024-44944 [netfilter: ctnetlink: use helper function to calculate expect ID
 	[bookworm] - linux 6.1.106-1
 	NOTE: https://git.kernel.org/linus/782161895eb4ac45cf7cfa8db375bd4766cb8299 (6.11-rc1)
 CVE-2024-42412 (Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S116 ...)
-	TODO: check
+	NOT-FOR-US: WAB-I1750-PS and WAB-S1167-PS
 CVE-2024-41349 (unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via applicati ...)
 	TODO: check
 CVE-2024-3998 (The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3673 (The Web Directory Free WordPress plugin before 1.7.3 does not validate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39300 (Missing authentication vulnerability exists in Telnet function of WAB- ...)
-	TODO: check
+	NOT-FOR-US: WAB-I1750-PS
 CVE-2024-34577 (Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000 ...)
-	TODO: check
+	NOT-FOR-US: WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B
 CVE-2024-2881 (Fault Injection vulnerability inwc_ed25519_sign_msg function in wolfss ...)
 	TODO: check
 CVE-2024-2694 (The Betheme theme for WordPress is vulnerable to PHP Object Injection  ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2024-2502 (An application can be configured to block boot attempts after consecut ...)
 	TODO: check
 CVE-2024-1545 (Fault Injection vulnerability in RsaPrivateDecryption function in wolf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bb0373791262724682ee21bd00f1fd5287318aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bb0373791262724682ee21bd00f1fd5287318aa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240830/36a6c50e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list