[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 21 20:59:13 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df84cdff by Salvatore Bonaccorso at 2024-02-21T21:37:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2024-27215
 	REJECTED
 CVE-2024-26311 (Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflect ...)
-	TODO: check
+	NOT-FOR-US: Archer Platform
 CVE-2024-26310 (Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper acc ...)
-	TODO: check
+	NOT-FOR-US: Archer Platform
 CVE-2024-26145 (Discourse Calendar adds the ability to create a dynamic calendar in th ...)
-	TODO: check
+	NOT-FOR-US: Discourse Calendar
 CVE-2024-26138 (The XWiki licensor application, which manages and enforce application  ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2024-26133 (EventStoreDB (ESDB) is an operational database built to store events.  ...)
 	TODO: check
 CVE-2024-26130 (cryptography is a package designed to expose cryptographic primitives  ...)
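Review bot: The tag on CVE-2024-26138 is scoped more broadly than the description it sits under. The description line reads "The XWiki licensor application", but the entry is marked `NOT-FOR-US: XWiki`, which names the whole platform. The Discourse Calendar entry two lines up names the specific component instead. Consider `NOT-FOR-US: XWiki licensor application` so that the tag matches what the CVE text covers and a later search of the list for the platform name does not pick up this entry as a statement about XWiki in general.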
@@ -17,29 +17,29 @@ CVE-2024-26130 (cryptography is a package designed to expose cryptographic primi
 	NOTE: Fixed by: https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 (main)
 	NOTE: Fixed by: https://github.com/pyca/cryptography/commit/7a4d012991061974da5d9cb7614de65eac94f49b (42.0.4)
 CVE-2024-25898 (A XSS vulnerability was found in the ChurchCRM v.5.5.0 functionality,  ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25897 (ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Ti ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25896 (ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection ( ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25895 (A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 5.5. ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25894 (ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection  ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25893 (ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25892 (ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25891 (ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection ( ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2024-25461 (Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM  ...)
 	TODO: check
 CVE-2024-25381 (There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publish ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2024-25288 (SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: SLIMS (Senayan Library Management Systems)
 CVE-2024-25249 (An issue in He3 App for macOS version 2.0.17, allows remote attackers  ...)
-	TODO: check
+	NOT-FOR-US: He3 App for macOS
 CVE-2024-25117 (php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering ...)
 	TODO: check
 CVE-2024-24479 (Buffer Overflow vulnerability in Wireshark team Wireshark before v.4.2 ...)
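Review bot: The tag on CVE-2024-25288, `NOT-FOR-US: SLIMS (Senayan Library Management Systems)`, carries the parenthetical expansion over from the description, while every other tag in this hunk is a bare product name (`ChurchCRM`, `Emlog Pro`). Pick one form for the product string, for example `NOT-FOR-US: SLIMS`, so that future entries for the same product are tagged identically and can be matched by exact string. The same applies to `He3 App for macOS` on CVE-2024-25249, where the platform qualifier is part of the tag.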



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df84cdffc61ece338832b708456f4eed757ae18b
