[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Jan 3 21:16:58 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e97a080c by Salvatore Bonaccorso at 2024-01-03T22:16:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16,7 +16,7 @@ CVE-2024-21633 (Apktool is a tool for reverse engineering Android APK files. In
 	NOTE: https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w
 	NOTE: https://github.com/iBotPeaches/Apktool/commit/d348c43b24a9de350ff6e5bd610545a10c1fc712
 CVE-2024-21631 (Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vap ...)
-	TODO: check
+	NOT-FOR-US: Vapor
 CVE-2024-21622 (Craft is a content management system. This is a potential moderate imp ...)
 	NOT-FOR-US: Craft CMS
 CVE-2024-0217 (A use-after-free flaw was found in PackageKitd. In some conditions, th ...)
@@ -32,11 +32,11 @@ CVE-2023-6747 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for Wo
 CVE-2023-6621 (The POST SMTP WordPress plugin before 2.8.7 does not sanitise and esca ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-5881 (Unauthenticated access permitted to web interface page The Genie Compa ...)
-	TODO: check
+	NOT-FOR-US: Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup"
 CVE-2023-5880 (When the Genie Company Aladdin Connect garage door opener (Retrofit-Ki ...)
-	TODO: check
+	NOT-FOR-US: Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM)
 CVE-2023-5879 (Users\u2019 product account authentication data was stored in clear te ...)
-	TODO: check
+	NOT-FOR-US: Genie Company Aladdin Connect Mobile Application
 CVE-2023-52314 (PaddlePaddle before 2.6.0 has a command injection in convert_shape_com ...)
 	NOT-FOR-US: PaddlePaddle
 CVE-2023-52313 (FPE in paddle.argmin and paddle.argmaxin PaddlePaddle before 2.6.0. Th ...)
@@ -66,13 +66,13 @@ CVE-2023-52302 (Nullptr in paddle.nextafterin PaddlePaddle before 2.6.0. This fl
 CVE-2023-50921 (An issue was discovered on GL.iNet devices through 4.5.0. Attackers ca ...)
 	NOT-FOR-US: GL.iNet devices
 CVE-2023-50253 (Laf is a cloud development platform. In the Laf version design, the lo ...)
-	TODO: check
+	NOT-FOR-US: Laf
 CVE-2023-50093 (APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable ...)
 	NOT-FOR-US: APIIDA API Gateway Manager for Broadcom Layer7
 CVE-2023-50092 (APIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable t ...)
 	NOT-FOR-US: APIIDA API Gateway Manager for Broadcom Layer7
 CVE-2023-50090 (Arbitrary File Write vulnerability in the saveReportFile method of ure ...)
-	TODO: check
+	NOT-FOR-US: ureport
 CVE-2023-46929 (An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/2662
@@ -37517,7 +37517,7 @@ CVE-2023-30619 (Tuleap Open ALM is a Libre and Open Source tool for end to end t
 CVE-2023-30618 (Kitchen-Terraform provides a set of Test Kitchen plugins which enable  ...)
 	NOT-FOR-US: Kitchen-Terraform
 CVE-2023-30617 (Kruise provides automated management of large-scale applications on Ku ...)
-	TODO: check
+	NOT-FOR-US: Kruise
 CVE-2023-30616 (Form block is a wordpress plugin designed to make form creation easier ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-30615 (Iris is a web collaborative platform aiming to help incident responder ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97a080c57fef9b2e1782bf2e6e8668d458dd747

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97a080c57fef9b2e1782bf2e6e8668d458dd747
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240103/1cc3c82e/attachment.htm>
