[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Feb 27 20:33:16 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5e8b3ef by Salvatore Bonaccorso at 2024-02-27T21:32:45+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -129,13 +129,13 @@ CVE-2024-27507 (libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/app
 CVE-2024-27099 (The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Ser ...)
 	TODO: check
 CVE-2024-26473 (A reflected cross-site scripting (XSS) vulnerability in SocialMediaWeb ...)
-	TODO: check
+	NOT-FOR-US: SocialMediaWebsite
 CVE-2024-26472 (A reflected cross-site scripting (XSS) vulnerability in SocialMediaWeb ...)
-	TODO: check
+	NOT-FOR-US: SocialMediaWebsite
 CVE-2024-26471 (A reflected cross-site scripting (XSS) vulnerability in zhimengzhe iBa ...)
-	TODO: check
+	NOT-FOR-US: zhimengzhe iBarn
 CVE-2024-26470 (A host header injection vulnerability in the forgot password function  ...)
-	TODO: check
+	NOT-FOR-US: FullStackHero's WebAPI Boilerplate
 CVE-2024-26464 (net-snmp 5.9.4 contains a memory leak vulnerability in /net-snmp/apps/ ...)
 	TODO: check
 CVE-2024-26143 (Rails is a web-application framework. There is a possible XSS vulnerab ...)
@@ -143,75 +143,75 @@ CVE-2024-26143 (Rails is a web-application framework. There is a possible XSS vu
 CVE-2024-26142 (Rails is a web-application framework. Starting in version 7.1.0, there ...)
 	TODO: check
 CVE-2024-25846 (In the module "Product Catalog (CSV, Excel) Import" (simpleimportprodu ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25843 (In the module "Import/Update Bulk Product from any Csv/Excel File Pro" ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25841 (In the module "So Flexibilite" (soflexibilite) from Common-Services fo ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25840 (In the module "Account Manager | Sales Representative & Dealers | CRM" ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25723 (ZenML Server in the ZenML machine learning package before 0.46.7 for P ...)
 	TODO: check
 CVE-2024-25400 (Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.ph ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2024-25399 (Subrion CMS 4.2.1 is vulnerable to Cross Site Scripting (XSS) via admi ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2024-25398 (In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted n ...)
 	TODO: check
 CVE-2024-24323 (SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a re ...)
 	TODO: check
 CVE-2024-22251 (VMware Workstation and Fusion contain an out-of-bounds read vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2024-21742 (Improper input validation allows for header injection in MIME4J librar ...)
 	TODO: check
 CVE-2024-1928 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Web-Based Student Clearance System
 CVE-2024-1927 (A vulnerability classified as critical was found in SourceCodester Web ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Web-Based Student Clearance System
 CVE-2024-1926 (A vulnerability was found in SourceCodester Free and Open Source Inven ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Free and Open Source Inventory Management System
 CVE-2024-1925 (A vulnerability was found in Ctcms 2.1.2. It has been declared as crit ...)
-	TODO: check
+	NOT-FOR-US: Ctcms
 CVE-2024-1924 (A vulnerability was found in CodeAstro Membership Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Membership Management System
 CVE-2024-1923 (A vulnerability was found in SourceCodester Simple Student Attendance  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Simple Student Attendance System
 CVE-2024-1922 (A vulnerability has been found in SourceCodester Online Job Portal 1.0 ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Job Portal
 CVE-2024-1921 (A vulnerability, which was classified as critical, was found in osuuu  ...)
-	TODO: check
+	NOT-FOR-US: osuuu LightPicture
 CVE-2024-1920 (A vulnerability, which was classified as critical, has been found in o ...)
-	TODO: check
+	NOT-FOR-US: osuuu LightPicture
 CVE-2024-1919 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Job Portal
 CVE-2024-1918 (A vulnerability has been found in Beijing Baichuo Smart S42 Management ...)
-	TODO: check
+	NOT-FOR-US: Beijing Baichuo Smart S42 Management Platform
 CVE-2024-1912 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1910 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1909 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1907 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1906 (The Categorify plugin for WordPress is vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1653 (The Categorify plugin for WordPress is vulnerable to unauthorized modi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1652 (The Categorify plugin for WordPress is vulnerable to unauthorized modi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1650 (The Categorify plugin for WordPress is vulnerable to unauthorized modi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1649 (The Categorify plugin for WordPress is vulnerable to unauthorized modi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1423
 	REJECTED
 CVE-2024-1403 (In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 1 ...)
-	TODO: check
+	NOT-FOR-US: OpenEdge Authentication Gateway and AdminServer
 CVE-2024-1106 (The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0855 (The Spiffy Calendar WordPress plugin before 4.9.9 doesn't check the ev ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0819 (Improper initialization of default settings in TeamViewer Remote Clien ...)
 	TODO: check
 CVE-2024-0551 (Enable exports of the database and associated exported information of  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5e8b3efdbf67ca4bbf50e9e9956627ae31453f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5e8b3efdbf67ca4bbf50e9e9956627ae31453f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240227/bc7dff0b/attachment.htm>

More information about the debian-security-tracker-commits mailing list