[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon Dec 23 21:38:49 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e131da5 by Salvatore Bonaccorso at 2024-12-23T22:38:16+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,9 +24,9 @@ CVE-2024-53276 (Home-Gallery.org is a self-hosted open-source web gallery to bro
 CVE-2024-53275 (Home-Gallery.org is a self-hosted open-source web gallery to browse pe ...)
 	NOT-FOR-US: Home-Gallery.org
 CVE-2024-53256 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
-	TODO: check
+	NOT-FOR-US: Rizin
 CVE-2024-45387 (An SQL injection vulnerability in Traffic Ops in Apache Traffic Contro ...)
-	TODO: check
+	NOT-FOR-US: Apache Traffic Control
 CVE-2024-40896 (In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ...)
 	- libxml2 <not-affected> (Vulnerable code introduced later in 2.11.0)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
@@ -38,9 +38,9 @@ CVE-2024-40896 (In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 befo
 CVE-2024-23945 (Signing cookies is an application security feature that adds a digital ...)
 	TODO: check
 CVE-2024-12903 (Incorrect default permissions vulnerability in Evoko Home, affecting v ...)
-	TODO: check
+	NOT-FOR-US: Evoko Home devices
 CVE-2024-12902 (ANCHOR from Global Wisdom Software is an integrated product running on ...)
-	TODO: check
+	NOT-FOR-US: ANCHOR from Global Wisdom Software
 CVE-2024-XXXX [RUSTSEC-2024-0428]
 	- rust-kvm-ioctls <unfixed>
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0428.html
@@ -261040,7 +261040,7 @@ CVE-2021-40961 (CMS Made Simple <=2.2.15 is affected by SQL injection in modules
 CVE-2021-40960 (Galera WebTemplate 1.0 is affected by a directory traversal vulnerabil ...)
 	NOT-FOR-US: Galera WebTemplate
 CVE-2021-40959 (A reflected cross-site scripting vulnerability in MONITORAPP Applicati ...)
-	TODO: check
+	NOT-FOR-US: MONITORAPP Application Insight Web Application Firewall (AIWAF)
 CVE-2021-40958
 	RESERVED
 CVE-2021-40957



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e131da52e0bb0308aa8e700e7c1c93fe1304b1e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e131da52e0bb0308aa8e700e7c1c93fe1304b1e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241223/52d38205/attachment.htm>
