[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 31 08:36:44 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1db1455f by Salvatore Bonaccorso at 2024-12-31T09:36:19+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-45497 (A flaw was found in the OpenShift build process, where the docker-buil ...)
-	TODO: check
+	NOT-FOR-US: OpenShift
 CVE-2024-13058 (An issue exists in SoftIron HyperCloud  where authenticated, but non-a ...)
 	TODO: check
 CVE-2024-13051 (Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Rem ...)
@@ -21,7 +21,7 @@ CVE-2024-13044 (Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote
 CVE-2024-13043 (Panda Security Dome Link Following Local Privilege Escalation Vulnerab ...)
 	TODO: check
 CVE-2024-13042 (A vulnerability was found in Tsinghua Unigroup Electronic Archives Man ...)
-	TODO: check
+	NOT-FOR-US: Tsinghua Unigroup Electronic Archives Management System
 CVE-2024-13040 (The QOCA aim from Quanta Computer has an Authorization Bypass Through  ...)
 	TODO: check
 CVE-2024-12839 (The login mechanism via device authentication of CGFIDO from Changing  ...)
@@ -29,13 +29,13 @@ CVE-2024-12839 (The login mechanism via device authentication of CGFIDO from Cha
 CVE-2024-12838 (The passwordless login mechanism in CGFIDO from Changing Information T ...)
 	TODO: check
 CVE-2024-12753 (Foxit PDF Reader Link Following Local Privilege Escalation Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2024-12752 (Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vuln ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2024-12751 (Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vul ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2024-11972 (The Hunk Companion WordPress plugin before 1.9.0 does not correctly au ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11946 (iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmi ...)
 	TODO: check
 CVE-2024-11944 (iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote C ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1db1455f80f07b235be2d1c5c9f1e10afb5e611c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1db1455f80f07b235be2d1c5c9f1e10afb5e611c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241231/61172b6a/attachment.htm>

More information about the debian-security-tracker-commits mailing list