[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Feb 14 11:52:56 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c59f4ca9 by Moritz Muehlenhoff at 2024-02-14T12:51:52+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-25125 (Digdag is an open source tool that to build, run, schedule, and monito ...)
-	TODO: check
+	NOT-FOR-US: Digdag
 CVE-2024-25121 (TYPO3 is an open source PHP based web content management system releas ...)
 	NOT-FOR-US: TYPO3
 CVE-2024-25120 (TYPO3 is an open source PHP based web content management system releas ...)
@@ -25,19 +25,19 @@ CVE-2024-24690 (Improper input validation in some Zoom clients may allow an auth
 CVE-2024-24142 (Sourcecodester School Task Manager 1.0 allows SQL Injection via the 's ...)
 	NOT-FOR-US: Sourcecodester School Task Manager
 CVE-2024-22455 (Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Obje ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-1485 (A vulnerability was found in the decompression function of registry-su ...)
-	TODO: check
+	NOT-FOR-US: OpenShift
 CVE-2023-6152 (A user changing their email after signing up and verifying it can chan ...)
-	TODO: check
+	- grafana <removed>
 CVE-2023-44293 (In Dell Secure Connect Gateway Application and Secure Connect Gateway  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-44283 (In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and Supp ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-39249 (Dell SupportAssist for Business PCs version 3.4.0 contains a local Aut ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-38960 (Insecure Permissions issue in Raiden Professional Server RaidenFTPD v. ...)
-	TODO: check
+	NOT-FOR-US: RaidenFTPD
 CVE-2024-1342
 	NOT-FOR-US: Red Hat OpenShift
 CVE-2024-25122 (sidekiq-unique-jobs is an open source project which prevents simultane ...)
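Review bot: The CVE-2023-6152 line is not an NFU. It replaces "TODO: check" with the package entry "- grafana <removed>", while the commit message says only "NFUs". Either split that line into its own commit or mention grafana in the message, so the package triage can be found in history. Separately, CVE-2024-1485 is tagged "NOT-FOR-US: OpenShift" while the CVE-2024-1342 context line just below uses "NOT-FOR-US: Red Hat OpenShift"; picking one spelling keeps searches over the list consistent.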
@@ -249,25 +249,25 @@ CVE-2024-20673 (Microsoft Office Remote Code Execution Vulnerability)
 CVE-2024-20667 (Azure DevOps Server Remote Code Execution Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-1378 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1374 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1372 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1369 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1359 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1355 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1354 (A command injection vulnerability was identified in GitHub Enterprise  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1309 (Uncontrolled Resource Consumption vulnerability in Honeywell Niagara F ...)
 	NOT-FOR-US: Honeywell
 CVE-2024-1216 (Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Twister Antivirus
 CVE-2024-1163 (Path Traversal in GitHub repository mbloch/mapshaper prior to 0.6.44.)
-	TODO: check
+	NOT-FOR-US: mapshaper
 CVE-2024-1160 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1159 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
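Review bot: CVE-2024-1163 ("NOT-FOR-US: mapshaper") deserves a second look compared with the rest of this hunk. Its description names the GitHub repository mbloch/mapshaper, an open-source project rather than a vendor product like the GitHub Enterprise Server and Twister Antivirus entries around it. Confirm that nothing in the archive ships or embeds it before settling on NFU. The seven GitHub Enterprise Server lines use one tag consistently and match the product named in their descriptions.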
@@ -279,9 +279,9 @@ CVE-2024-1140 (Twister Antivirus v8.17 is vulnerable to an Out-of-bounds Read vu
 CVE-2024-1096 (Twister Antivirus v8.17 allows Elevation of Privileges on the computer ...)
 	NOT-FOR-US: Twister Antivirus
 CVE-2024-1084 (Cross-site Scripting in thetag name pattern field in the tag protectio ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-1082 (A path traversal vulnerability was identified in GitHub Enterprise Ser ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-0707
 	REJECTED
 CVE-2023-6072 (A cross-site scripting vulnerability in Trellix Central Management (CM ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c59f4ca9b787e2b5e0326da2b3a87afdea997a01
