[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 21 20:59:13 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
df84cdff by Salvatore Bonaccorso at 2024-02-21T21:37:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2024-27215
REJECTED
CVE-2024-26311 (Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflect ...)
- TODO: check
+ NOT-FOR-US: Archer Platform
CVE-2024-26310 (Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper acc ...)
- TODO: check
+ NOT-FOR-US: Archer Platform
CVE-2024-26145 (Discourse Calendar adds the ability to create a dynamic calendar in th ...)
- TODO: check
+ NOT-FOR-US: Discourse Calendar
CVE-2024-26138 (The XWiki licensor application, which manages and enforce application ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2024-26133 (EventStoreDB (ESDB) is an operational database built to store events. ...)
TODO: check
CVE-2024-26130 (cryptography is a package designed to expose cryptographic primitives ...)
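Review bot: The tag added for CVE-2024-26138 reads "NOT-FOR-US: XWiki", but the description names the XWiki licensor application specifically. Naming that component, for example "NOT-FOR-US: XWiki licensor application", would match how the entry above it names "Discourse Calendar" rather than the parent project, and would not read as a blanket statement about XWiki. CVE-2024-26133 (EventStoreDB) is still at "TODO: check" after this hunk, so it needs a follow-up pass.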
@@ -17,29 +17,29 @@ CVE-2024-26130 (cryptography is a package designed to expose cryptographic primi
NOTE: Fixed by: https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 (main)
NOTE: Fixed by: https://github.com/pyca/cryptography/commit/7a4d012991061974da5d9cb7614de65eac94f49b (42.0.4)
CVE-2024-25898 (A XSS vulnerability was found in the ChurchCRM v.5.5.0 functionality, ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25897 (ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Ti ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25896 (ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection ( ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25895 (A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 5.5. ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25894 (ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25893 (ChurchCRM 5.5.0 FRCertificates.php is vulnerable to Blind SQL Injectio ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25892 (ChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25891 (ChurchCRM 5.5.0 FRBidSheets.php is vulnerable to Blind SQL Injection ( ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2024-25461 (Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM ...)
TODO: check
CVE-2024-25381 (There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publish ...)
- TODO: check
+ NOT-FOR-US: Emlog Pro
CVE-2024-25288 (SLIMS (Senayan Library Management Systems) 9 Bulian v9.6.1 is vulnerab ...)
- TODO: check
+ NOT-FOR-US: SLIMS (Senayan Library Management Systems)
CVE-2024-25249 (An issue in He3 App for macOS version 2.0.17, allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: He3 App for macOS
CVE-2024-25117 (php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering ...)
TODO: check
CVE-2024-24479 (Buffer Overflow vulnerability in Wireshark team Wireshark before v.4.2 ...)
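Review bot: The tags for CVE-2024-25288 and CVE-2024-25249 carry qualifiers ("SLIMS (Senayan Library Management Systems)", "He3 App for macOS") that the other entries in this hunk do not; those use only a short product name ("ChurchCRM", "Emlog Pro"). Picking one form, for example "NOT-FOR-US: SLIMS" or "NOT-FOR-US: He3 App", keeps the tags easy to grep and to reuse for later CVEs against the same product. CVE-2024-25461 (Terrasoft) and CVE-2024-25117 (php-svg-lib) remain at "TODO: check" in the context lines; if they were left out deliberately because they need a package check rather than an NFU tag, saying so in the commit message would help the next person triaging the list.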
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df84cdffc61ece338832b708456f4eed757ae18b