[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 20 08:20:59 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf007eae by Salvatore Bonaccorso at 2024-02-20T09:20:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2024-26134 (cbor2 provides encoding and decoding for the Concise Binary Object Rep ...)
TODO: check
CVE-2024-26129 (PrestaShop is an open-source e-commerce platform. Starting in version ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2024-25974 (The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: Frentix GmbH OpenOlat LMS
CVE-2024-25973 (The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: Frentix GmbH OpenOlat LMS
CVE-2024-25149 (Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, an ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2024-22234 (In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x p ...)
TODO: check
CVE-2024-1651 (Torrentpier version 2.4.1 allows executing arbitrary commands on the s ...)
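Review bot: The label on the two OpenOlat entries (CVE-2024-25974 and CVE-2024-25973), "NOT-FOR-US: Frentix GmbH OpenOlat LMS", combines the vendor, its legal form and the product, while the other labels added in this hunk are a single short name ("PrestaShop", "Liferay"). A shorter label such as "OpenOlat" would keep the NOT-FOR-US labels uniform and make later searches over data/CVE/list for that product simpler.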
@@ -17,35 +17,35 @@ CVE-2024-1648 (electron-pdf version 20.0.0 allows an external attacker to remote
CVE-2024-1647 (Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtai ...)
TODO: check
CVE-2024-1644 (Suite CRM version 7.14.2 allows including local php files. This is pos ...)
- TODO: check
+ NOT-FOR-US: Suite CRM
CVE-2024-1638 (The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GAT ...)
TODO: check
CVE-2024-1559 (The Link Library plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1510 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1297 (Loomio version 2.22.0 allows executing arbitrary commands on the serve ...)
TODO: check
CVE-2024-0715 (Expression Language Injection vulnerability in Hitachi Global Link Man ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-6764 (A format string vulnerability in a function of the IPSec VPN feature i ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2023-6399 (A format string vulnerability in Zyxel ATP series firmware versions fr ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2023-6398 (A post-authentication command injection vulnerability in the file uplo ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2023-6397 (A null pointer dereference vulnerability in Zyxel ATP series firmware ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2023-6260 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
TODO: check
CVE-2023-6259 (Insufficiently Protected Credentials, : Improper Access Control vulner ...)
TODO: check
CVE-2023-5190 (Open redirect vulnerability in the Countries Management\u2019s edit re ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2023-44308 (Open redirect vulnerability in adaptive media administration page in L ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2022-48625 (Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key ...)
- TODO: check
+ NOT-FOR-US: Yealink
CVE-2024-1635 (A vulnerability was found in Undertow. This vulnerability impacts a se ...)
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2264928
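Review bot: For CVE-2023-6764, CVE-2023-6398 and CVE-2023-5190 the truncated descriptions in this hunk do not name a vendor, so the "Zyxel" and "Liferay" labels cannot be confirmed from the lines shown. The neighbouring entries (CVE-2023-6399 and CVE-2023-6397 name "Zyxel ATP series firmware") make the attribution plausible, but it is worth checking the full CVE descriptions for these three before relying on the NOT-FOR-US triage, since a wrong label removes the entry from the TODO queue.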
@@ -83237,7 +83237,7 @@ CVE-2022-45322
CVE-2022-45321
RESERVED
CVE-2022-45320 (Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2022-45319
RESERVED
CVE-2022-45318
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf007eaed89ebeab41a8bfde52131a4d96be4cd8