[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 15 20:44:04 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
080a61cc by Salvatore Bonaccorso at 2024-01-15T21:43:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2024-22207 (fastify-swagger-ui is a Fastify plugin for serving Swagger UI.  Prior  ...)
 	TODO: check
 CVE-2024-20721 (Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are a ...)
-	TODO: check
+	NOT-FOR-US: Acrobat Reader T5 (MSFT Edge)
 CVE-2024-20709 (Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are a ...)
-	TODO: check
+	NOT-FOR-US: Acrobat Reader T5 (MSFT Edge)
 CVE-2024-0565 (An out-of-bounds memory read flaw was found in receive_encrypted_stand ...)
 	- linux 6.6.8-1
 	[bookworm] - linux 6.1.69-1
@@ -14,60 +14,60 @@ CVE-2024-0562 (A use-after-free flaw was found in the Linux Kernel. When a disk
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/f87904c075515f3e1d8f4a7115869d3b914674fd (6.0-rc3)
 CVE-2024-0558 (A vulnerability has been found in DedeBIZ 6.3.0 and classified as crit ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2024-0557 (A vulnerability, which was classified as problematic, was found in Ded ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2024-0320 (Cross-Site Scripting in FireEye Malware Analysis (AX) affecting versio ...)
-	TODO: check
+	NOT-FOR-US: FireEye Malware Analysis (AX)
 CVE-2024-0319 (Open Redirect vulnerability in FireEye HXTool affecting version 4.6, t ...)
-	TODO: check
+	NOT-FOR-US: FireEye HXTool
 CVE-2024-0318 (Cross-Site Scripting in FireEye HXTool affecting version 4.6. This vul ...)
-	TODO: check
+	NOT-FOR-US: FireEye HXTool
 CVE-2024-0317 (Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Ex ...)
-	TODO: check
+	NOT-FOR-US: FireEye EX
 CVE-2024-0316 (Improper cleanup vulnerability in exceptions thrown in FireEye Endpoin ...)
-	TODO: check
+	NOT-FOR-US: FireEye Endpoint Security
 CVE-2024-0315 (Remote file inclusion vulnerability in FireEye Central Management affe ...)
-	TODO: check
+	NOT-FOR-US: FireEye Central Management
 CVE-2024-0314 (XSS vulnerability in FireEye Central Management affecting version 9.1. ...)
-	TODO: check
+	NOT-FOR-US: FireEye Central Management
 CVE-2023-6991 (The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 do ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6941 (The Keap Official Opt-in Forms WordPress plugin through 1.0.11 does no ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6915 (A Null pointer dereference problem was found in ida_free in lib/idr.c  ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/af73483f4e8b6f5c68c9aa63257bdd929a9c194a (6.7-rc7)
 CVE-2023-6843 (The easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6623 (The Essential Blocks WordPress plugin before 4.4.3 does not prevent un ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6620 (The POST SMTP Mailer WordPress plugin before 2.8.7 does not properly s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6163 (The WP Crowdfunding WordPress plugin before 2.1.10 does not sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6066 (The WP Custom Widget area WordPress plugin through 1.2.5 does not prop ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6050 (The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6049 (The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unseriali ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6048 (The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6029 (The EazyDocs WordPress plugin before 2.3.6 does not have authorization ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5905 (The DeMomentSomTres WordPress Export Posts With Images WordPress plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5253 (A missing authentication check in the WebSocket channel used for the C ...)
-	TODO: check
+	NOT-FOR-US: Nozomi Networks
 CVE-2023-50729 (Traccar is an open source GPS tracking system. Prior to 5.11, Traccar  ...)
 	TODO: check
 CVE-2023-4925 (The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-4818 (PAX A920 device allows to downgrade bootloader due to a bug in its ver ...)
-	TODO: check
+	NOT-FOR-US: PAX A920 device
 CVE-2023-46226 (Remote Code Execution vulnerability in Apache IoTDB.This issue affects ...)
-	TODO: check
+	NOT-FOR-US: Apache IoTDB
 CVE-2023-42137 (PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50 ...)
 	TODO: check
 CVE-2023-42136 (PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/080a61cc7467c5081a5e1c49ef8b4ba8d1ca979c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/080a61cc7467c5081a5e1c49ef8b4ba8d1ca979c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240115/461bb7ee/attachment.htm>

More information about the debian-security-tracker-commits mailing list