[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Jan 5 08:39:57 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
251ca76c by Salvatore Bonaccorso at 2024-01-05T09:39:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,21 +19,21 @@ CVE-2024-21636 (view_component is a framework for building reusable, testable, a
 CVE-2024-0241 (encoded_id-rails versions before 1.0.0.beta2 are affected by an uncont ...)
 	TODO: check
 CVE-2023-6493 (The Depicter Slider \u2013 Responsive Image Slider, Video Slider & Pos ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52323 (PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakag ...)
 	TODO: check
 CVE-2023-52184 (Cross-Site Request Forgery (CSRF) vulnerability in WP Job Portal WP Jo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52178 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52150 (Cross-Site Request Forgery (CSRF) vulnerability in Ovation S.R.L. Dyna ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51502 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51277 (nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-ta ...)
 	TODO: check
 CVE-2023-41782 (There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacke ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2024-22051 (CommonMarker versions prior to 0.23.4 are at risk of an integer overfl ...)
 	- ruby-commonmarker 0.23.4-1
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
@@ -261935,9 +261935,9 @@ CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ sha
 CVE-2020-13880
 	RESERVED
 CVE-2020-13879 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-bas ...)
-	TODO: check
+	NOT-FOR-US: IrfanView B3D PlugIns
 CVE-2020-13878 (IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-bas ...)
-	TODO: check
+	NOT-FOR-US: IrfanView B3D PlugIns
 CVE-2020-13877 (SQL Injection issues in various ASPX pages of ResourceXpress Meeting M ...)
 	NOT-FOR-US: ResourceXpress Meeting Monitor
 CVE-2020-13876



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251ca76c5df71e1a1f6c5e47dc911963c13ad5c9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251ca76c5df71e1a1f6c5e47dc911963c13ad5c9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240105/395c2650/attachment.htm>
