[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 10 15:36:26 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77ff416d by Salvatore Bonaccorso at 2024-01-10T16:35:57+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,13 +15,13 @@ CVE-2024-0359 (A vulnerability was found in code-projects Simple Online Hotel Re
 CVE-2024-0358 (A vulnerability was found in DeShang DSO2O up to 4.1.0. It has been cl ...)
 	NOT-FOR-US: DeShang DSO2O
 CVE-2024-0357 (A vulnerability was found in coderd-repos Eva 1.0.0 and classified as  ...)
-	TODO: check
+	NOT-FOR-US: coderd-repos Eva
 CVE-2024-0356 (A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and class ...)
 	NOT-FOR-US: Mandelo ssm_shiro_blog
 CVE-2024-0355 (A vulnerability, which was classified as critical, was found in PHPGur ...)
 	NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
 CVE-2024-0354 (A vulnerability, which was classified as critical, has been found in u ...)
-	TODO: check
+	NOT-FOR-US: unknown-o download-station
 CVE-2024-0352 (A vulnerability classified as critical was found in Likeshop up to 2.5 ...)
 	NOT-FOR-US: Likeshop
 CVE-2024-0351 (A vulnerability classified as problematic has been found in SourceCode ...)
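Review bot: For CVE-2024-0354 the new line `NOT-FOR-US: unknown-o download-station` cannot be checked against the description shown here, which is truncated at "has been found in u ...", and "unknown-o" reads like a placeholder rather than a vendor name. Worth confirming against the full CVE description that this is the project's actual namespace, so that a later search for the product finds this entry.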
@@ -39,7 +39,7 @@ CVE-2024-0346 (A vulnerability has been found in CodeAstro Vehicle Booking Syste
 CVE-2024-0345 (A vulnerability, which was classified as problematic, was found in Cod ...)
 	NOT-FOR-US: CodeAstro Vehicle Booking System
 CVE-2024-0344 (A vulnerability, which was classified as critical, has been found in s ...)
-	TODO: check
+	NOT-FOR-US: soxft TimeMail
 CVE-2023-5770 (Proofpoint Enterprise Protection contains a vulnerability in the email ...)
 	NOT-FOR-US: Proofpoint Enterprise Protection
 CVE-2023-50136 (Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows att ...)
@@ -243,7 +243,7 @@ CVE-2023-51439 (A vulnerability has been identified in JT2Go (All versions < V14
 CVE-2023-51438 (A vulnerability has been identified in SIMATIC IPC1047E (All versions  ...)
 	NOT-FOR-US: Siemens
 CVE-2023-50974 (In Appwrite CLI before 3.0.0, when using the login command, the creden ...)
-	TODO: check
+	NOT-FOR-US: Appwrite CLI
 CVE-2023-50585 (Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via  ...)
 	NOT-FOR-US: Tenda
 CVE-2023-49722 (Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 product ...)
@@ -293,7 +293,7 @@ CVE-2023-41056 [Buffer overflow in certain payloads may lead to remote code exec
 	[bullseye] - redis <not-affected> (Vulnerable code not present)
 	[buster] - redis <not-affected> (Vulnerable code not present)
 	NOTE: Introduced with changes from: https://github.com/redis/redis/pull/11766 (which landed
-	NOTE:   in 7.2, but which also got backported to the 7.0. branch)
+	NOTE: in 7.2, but which also got backported to the 7.0. branch)
 	NOTE: https://github.com/redis/redis/commit/e351099e1119fb89496be578f5232c61ce300224 (7.0.15)
 CVE-2024-22125 (Under certain conditions the Microsoft Edge browser extension (SAP GUI ...)
 	NOT-FOR-US: SAP
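Review bot: The edit to the second NOTE line of CVE-2023-41056 (`NOTE:   in 7.2, ...` becoming `NOTE: in 7.2, ...`) is a whitespace-only change to a redis entry and is not covered by the commit subject "Process some NFUs". Mention it in the commit message or split it into its own commit. Also consider whether dropping the extra indent loses the visual cue that this line continues the previous NOTE, which ends inside an open parenthesis at "(which landed".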
@@ -356,11 +356,11 @@ CVE-2023-51408 (Exposure of Sensitive Information to an Unauthorized Actor vulne
 CVE-2023-51406 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-50932 (An issue was discovered in savignano S/Notify before 4.0.2 for Conflue ...)
-	TODO: check
+	NOT-FOR-US: savignano S/Notify
 CVE-2023-50931 (An issue was discovered in savignano S/Notify before 2.0.1 for Bitbuck ...)
-	TODO: check
+	NOT-FOR-US: savignano S/Notify
 CVE-2023-50930 (An issue was discovered in savignano S/Notify before 4.0.2 for Jira. W ...)
-	TODO: check
+	NOT-FOR-US: savignano S/Notify
 CVE-2023-50643 (An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote atta ...)
 	NOT-FOR-US: Evernote
 CVE-2023-50162 (SQL injection vulnerability in EmpireCMS v7.5, allows remote attackers ...)
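Review bot: CVE-2023-50932, CVE-2023-50931 and CVE-2023-50930 all receive the identical label `NOT-FOR-US: savignano S/Notify`, although their descriptions name three different host products (Confluence, Bitbucket, Jira). Consider appending the host product to each, for example `NOT-FOR-US: savignano S/Notify for Confluence`, so the entries stay distinguishable when searching the list by platform.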
@@ -368,7 +368,7 @@ CVE-2023-50162 (SQL injection vulnerability in EmpireCMS v7.5, allows remote att
 CVE-2023-49961 (WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access Manager 3.x an ...)
 	NOT-FOR-US: WALLIX Access Manager
 CVE-2023-49238 (In Gradle Enterprise before 2023.1, a remote attacker may be able to g ...)
-	TODO: check
+	NOT-FOR-US: Gradle Enterprise
 CVE-2023-46906 (juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in ...)
 	NOT-FOR-US: juzaweb
 CVE-2023-39336 (An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77ff416de977dbc33061f213e26f701fd56290ba
