[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Aug 31 10:54:35 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8675d272 by Salvatore Bonaccorso at 2024-08-31T11:50:56+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14,27 +14,27 @@ CVE-2024-8006 (Remote packet capture support is disabled by default in libpcap.
 CVE-2024-7435 (The Attire theme for WordPress is vulnerable to PHP Object Injection i ...)
 	NOT-FOR-US: WordPress theme
 CVE-2024-6586 (Lightdash version 0.1024.6 allows users with the necessary permissions ...)
-	TODO: check
+	NOT-FOR-US: Lightdash
 CVE-2024-6585 (Multiple stored cross-site scripting (\u201cXSS\u201d) vulnerabilities ...)
-	TODO: check
+	NOT-FOR-US: Lightdash
 CVE-2024-5212 (The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45304 (Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starkn ...)
 	TODO: check
 CVE-2024-44684 (TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/ ...)
-	TODO: check
+	NOT-FOR-US: TpMeCMS
 CVE-2024-44683 (Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2024-44682 (ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend  ...)
-	TODO: check
+	NOT-FOR-US: ShopXO
 CVE-2024-3886 (The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39747 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses d ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-39579 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an inc ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-39578 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-7256 (In affected libpcap versions during the setup of a remote packet captu ...)
 	- libpcap <unfixed> (unimportant)
 	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/262e4f34979872d822ccedf9f318ed89c4d31c03 (master)
@@ -98,7 +98,7 @@ CVE-2024-7051
 CVE-2024-6204 (Zohocorp ManageEngine Exchange Reporter Plus versions before5715 are v ...)
 	NOT-FOR-US: Zohocorp ManageEngine
 CVE-2024-45047 (svelte performance oriented web framework. A potential mXSS vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: svelte
 CVE-2024-44918 (A cross-site scripting (XSS) vulnerability in the component admin_data ...)
 	NOT-FOR-US: SeaCMS
 CVE-2024-44916 (Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows ...)
@@ -159,7 +159,7 @@ CVE-2024-45490 (An issue was discovered in libexpat before 2.6.3. xmlparse.c doe
 CVE-2024-45488 (One Identity Safeguard for Privileged Passwords before 7.5.2 allows un ...)
 	NOT-FOR-US: One Identity Safeguard for Privileged Passwords
 CVE-2024-45302 (RestSharp is a Simple REST and HTTP API Client for .NET. The second ar ...)
-	TODO: check
+	NOT-FOR-US: RestSharp
 CVE-2024-44944 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.10.3-1
 	[bookworm] - linux 6.1.106-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8675d272e61b147d91d8287d5fc4d8e0be7d1ba8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8675d272e61b147d91d8287d5fc4d8e0be7d1ba8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240831/d50de405/attachment.htm>
