[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 18 21:03:58 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4a4b90d1 by Salvatore Bonaccorso at 2024-12-18T22:03:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,11 +79,11 @@ CVE-2024-52579 (Misskey is an open source, federated social media platform. Some
 CVE-2024-52485 (Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Im ...)
 	TODO: check
 CVE-2024-52361 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9     stor ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-51646 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2024-51470 (IBM MQ9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appli ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-50570 (A Cleartext Storage of Sensitive Information vulnerability [CWE-312] i ...)
 	TODO: check
 CVE-2024-4996 (Use of a hard-coded password for a database administrator account crea ...)
@@ -93,7 +93,7 @@ CVE-2024-4995 (Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade requ
 CVE-2024-49677 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2024-49576 (A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0 ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2024-49363 (Misskey is an open source, federated social media platform. In affecte ...)
 	TODO: check
 CVE-2024-49202 (Keyfactor Command before 12.5.0 has Incorrect Access Control: access t ...)
@@ -103,11 +103,11 @@ CVE-2024-49201 (Keyfactor Remote File Orchestrator (aka remote-file-orchestrator
 CVE-2024-48889 (An Improper Neutralization of Special Elements used in an OS Command ( ...)
 	TODO: check
 CVE-2024-47810 (A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0 ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2024-47119 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-47104 (IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining eleva ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-47040 (There is a possible UAF due to a logic error in the code.This could le ...)
 	TODO: check
 CVE-2024-47039 (In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out  ...)
@@ -115,13 +115,13 @@ CVE-2024-47039 (In isSlotMarkedSuccessful of BootControl.cpp, there is a possibl
 CVE-2024-47038 (In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possibl ...)
 	TODO: check
 CVE-2024-45082 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 12.0.3    ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-41752 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-36694 (OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI ...)
 	TODO: check
 CVE-2024-25042 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 12.0.3    ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-12741 (A deserialization of untrusted data vulnerability exists in NI DAQExpr ...)
 	TODO: check
 CVE-2024-12554 (The Peter\u2019s Custom Anti-Spam plugin for WordPress is vulnerable t ...)
@@ -143,7 +143,7 @@ CVE-2024-11912 (The Travel Booking WordPress Theme theme for WordPress is vulner
 CVE-2024-11291 (The Paid Membership Subscriptions \u2013 Effortless Memberships, Recur ...)
 	TODO: check
 CVE-2023-50956 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9   could  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-34990 (A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8 ...)
 	TODO: check
 CVE-2024-56175 (In Optimizely Configured Commerce before 5.2.2408, malicious payloads  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a4b90d18b5bafc27e35c969a10ec9c10ed62bc0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a4b90d18b5bafc27e35c969a10ec9c10ed62bc0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241218/4b58c063/attachment.htm>

More information about the debian-security-tracker-commits mailing list