[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 24 20:29:02 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e6355f5a by Salvatore Bonaccorso at 2024-01-24T21:28:40+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2024-23649 (Lemmy is a link aggregator and forum for the fediverse. Starting in ve ...)
 	TODO: check
 CVE-2024-23648 (Pimcore's Admin Classic Bundle provides a backend user interface for P ...)
-	TODO: check
+	NOT-FOR-US: Pimcore's Admin Classic Bundle
 CVE-2024-23646 (Pimcore's Admin Classic Bundle provides a backend user interface for P ...)
-	TODO: check
+	NOT-FOR-US: Pimcore's Admin Classic Bundle
 CVE-2024-23644 (Trillium is a composable toolkit for building internet applications wi ...)
 	TODO: check
 CVE-2024-23641 (SvelteKit is a web development kit. In SvelteKit 2, sending a GET requ ...)
@@ -14,41 +14,41 @@ CVE-2024-22725 (Orthanc versions before 1.12.2 are affected by a reflected cross
 CVE-2024-22720 (Kanboard 1.2.34 is vulnerable to Html Injection in the group managemen ...)
 	TODO: check
 CVE-2024-22651 (There is a command injection vulnerability in the ssdpcgi_main functio ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-22309 (Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBo ...)
-	TODO: check
+	NOT-FOR-US: QuantumCloud ChatBot with AI
 CVE-2024-22308 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22301 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22294 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22284 (Deserialization of Untrusted Data vulnerability in Thomas Belser Asgar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22229 (Dell Unity, versions prior to 5.4, contain a vulnerability whereby log ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-22154 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22152 (Unrestricted Upload of File with Dangerous Type vulnerability in WebTo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22141 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22135 (Unrestricted Upload of File with Dangerous Type vulnerability in WebTo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22134 (Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Cont ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0854 (URL redirection to untrusted site ('Open Redirect') vulnerability in f ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-6697 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52221 (Unrestricted Upload of File with Dangerous Type vulnerability in UkrSo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52040 (An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-52039 (An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-52038 (An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2023-51890 (An infinite loop issue discovered in Mathtex 1.05 and before allows a  ...)
 	TODO: check
 CVE-2023-51889 (Stack Overflow vulnerability in the validate() function in Mathtex v.1 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6355f5a3f8a1f2c5cd85a954c78dd737155c384

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6355f5a3f8a1f2c5cd85a954c78dd737155c384
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240124/ed7d2731/attachment.htm>

More information about the debian-security-tracker-commits mailing list