[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Feb 29 08:54:41 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d8194a55 by Moritz Muehlenhoff at 2024-02-29T09:54:19+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,39 +55,39 @@ CVE-2024-23493 (Mattermost fails to properly authorize the requests fetchingteam
 CVE-2024-23488 (Mattermost fails to properly restrict the access of files attached to  ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2024-23302 (Couchbase Server before 7.2.4 has a private key leak in goxdcr.log.)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2024-22983 (SQL injection vulnerability in Projectworlds Visitor Management System ...)
-	TODO: check
+	NOT-FOR-US: Projectworlds Visitor Management System
 CVE-2024-22871 (An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker  ...)
 	TODO: check
 CVE-2024-22532 (Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x8 ...)
-	TODO: check
+	NOT-FOR-US: XNSoft NConvert
 CVE-2024-21798 (ELECOM wireless LAN routers contain a cross-site scripting vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: ELECOM
 CVE-2024-21752 (Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Aja ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1982 (The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1981 (The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1978 (The Friends plugin for WordPress is vulnerable to Server-Side Request  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1977 (The Restaurant Solutions \u2013 Checklist plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1976 (The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1972 (A vulnerability was found in SourceCodester Online Job Portal 1.0 and  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-1971 (A vulnerability has been found in Surya2Developer Online Shopping Syst ...)
-	TODO: check
+	NOT-FOR-US: Surya2Developer Online Shopping System
 CVE-2024-1970 (A vulnerability, which was classified as problematic, was found in Sou ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-1887 (Mattermost fails to check if compliance export is enabled when fetchin ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2024-1468 (The Avada | Website Builder For WordPress & WooCommerce theme for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1435 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
 	TODO: check
 CVE-2024-1434 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -119,27 +119,27 @@ CVE-2023-51528 (Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin A
 CVE-2023-50905 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2023-50437 (An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-50436 (An issue was discovered in Couchbase Server before 7.2.4. ns_server ad ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-49932 (An issue was discovered in Couchbase Server before 7.2.4. An attacker  ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-49931 (An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL c ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-49930 (An issue was discovered in Couchbase Server before 7.2.4. cURL calls t ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-49338 (Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authent ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-47874 (Missing Authorization vulnerability in Perfmatters.This issue affects  ...)
 	TODO: check
 CVE-2023-45874 (An issue was discovered in Couchbase Server through 7.2.2. A data read ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-45873 (An issue was discovered in Couchbase Server through 7.2.2. A data read ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-45859 (In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 ...)
 	TODO: check
 CVE-2023-43769 (An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2023-38372 (An unauthorized attacker who has obtained an IBM Watson IoT Platform 1 ...)
 	NOT-FOR-US: IBM
 CVE-2023-38367 (IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM C ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8194a5550771bb484e5903da6c7ab25674d7292

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8194a5550771bb484e5903da6c7ab25674d7292
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240229/9eecfd20/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list