[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Dec 27 08:42:12 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bdb05646 by Salvatore Bonaccorso at 2024-12-27T09:41:50+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14,53 +14,53 @@ CVE-2024-56519 (An issue was discovered in TCPDF before 6.8.0. setSVGStyles does
 	- tcpdf <unfixed>
 	NOTE: Fixed by: https://github.com/tecnickcom/TCPDF/commit/c9f41cbb84880bdb4fc3e0a9d287214d1ac4d7f4 (6.8.0)
 CVE-2024-56510 (@marp-team/marp-core is the core for Marp, which is the ecosystem to w ...)
-	TODO: check
+	NOT-FOR-US: Marp core
 CVE-2024-56361 (LGSL (Live Game Server List) provides online status for games. Before  ...)
-	TODO: check
+	NOT-FOR-US: LGSL (Live Game Server List)
 CVE-2024-55950 (Tabby (formerly Terminus) is a highly configurable terminal emulator.  ...)
 	TODO: check
 CVE-2024-53850 (The Addressing GLPI plugin enables you to create IP reports for visual ...)
-	TODO: check
+	NOT-FOR-US: Addressing GLPI plugin
 CVE-2024-45805 (OpenCTI is an open-source cyber threat intelligence platform. Before 6 ...)
-	TODO: check
+	NOT-FOR-US: OpenCTI
 CVE-2024-45600 (Fields is a GLPI plugin that allows users to add custom fields on GLPI ...)
-	TODO: check
+	NOT-FOR-US: GLPI plugin
 CVE-2024-12983 (A vulnerability classified as problematic has been found in code-proje ...)
-	TODO: check
+	NOT-FOR-US: code-projects Hospital Management System
 CVE-2024-12982 (A vulnerability was found in PHPGurukul Blood Bank & Donor Management  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Blood Bank & Donor Management System
 CVE-2024-12981 (A vulnerability was found in CodeAstro Car Rental System 1.0. It has b ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Car Rental System
 CVE-2024-12980 (A vulnerability was found in code-projects Job Recruitment 1.0. It has ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12979 (A vulnerability was found in code-projects Job Recruitment 1.0 and cla ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12978 (A vulnerability has been found in code-projects Job Recruitment 1.0 an ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12977 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Complaint Management System
 CVE-2024-12976 (A vulnerability, which was classified as critical, has been found in C ...)
-	TODO: check
+	NOT-FOR-US: CodeZips Hospital Management System
 CVE-2024-12969 (A vulnerability, which was classified as critical, has been found in c ...)
-	TODO: check
+	NOT-FOR-US: code-projects Hospital Management System
 CVE-2024-12968 (A vulnerability classified as critical was found in code-projects Job  ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12967 (A vulnerability classified as critical has been found in code-projects ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12966 (A vulnerability was found in code-projects Job Recruitment 1.0. It has ...)
-	TODO: check
+	NOT-FOR-US: code-projects Job Recruitment
 CVE-2024-12965 (A vulnerability was found in 1000 Projects Portfolio Management System ...)
-	TODO: check
+	NOT-FOR-US: 1000 Projects Portfolio Management System
 CVE-2024-11921 (The GiveWP  WordPress plugin before 3.19.0 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11842 (The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11645 (The float block WordPress plugin through 1.7 does not sanitise and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11644 (The WP-SVG WordPress plugin through 0.9 does not validate and escape s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11605 (The wp-publications WordPress plugin through 1.2 does not escape filen ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8994 (Some Honor products are affected by information leak vulnerability, su ...)
 	NOT-FOR-US: Honor
 CVE-2024-8993 (Some Honor products are affected by information leak vulnerability, su ...)
@@ -171,7 +171,7 @@ CVE-2024-12928 (A vulnerability, which was classified as critical, was found in
 CVE-2024-12927 (A vulnerability, which was classified as critical, has been found in 1 ...)
 	NOT-FOR-US: 1000 Projects Attendance Tracking Management System
 CVE-2024-12652 (A Improper Control of Generation of Code ('Code Injection') vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: SmartRobot's Conversational AI Platform
 CVE-2024-11223 (The WPForms  WordPress plugin before 1.9.2.3 does not sanitise and esc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10903 (The Broken Link Checker WordPress plugin before 2.4.2 does not validat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdb05646a159992b5daf3eac283ba43538d3118f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdb05646a159992b5daf3eac283ba43538d3118f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241227/4213798d/attachment.htm>

More information about the debian-security-tracker-commits mailing list