[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 8 20:48:51 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7689d342 by Salvatore Bonaccorso at 2024-07-08T21:48:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2024-37389 (Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3
 CVE-2024-34603 (Improper access control in Samsung Message prior to SMR Jul-2024 Relea ...)
 	TODO: check
 CVE-2024-34602 (Use of implicit intent for sensitive communication in Samsung Messages ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-31897 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1,  ...)
 	NOT-FOR-US: IBM
 CVE-2024-6229 (A stored cross-site scripting (XSS) vulnerability exists in the 'Uploa ...)
-	TODO: check
+	NOT-FOR-US: stangirard/quivr
 CVE-2024-40614 (EGroupware before 23.1.20240624 mishandles an ORDER BY clause.)
-	TODO: check
+	NOT-FOR-US: EGroupware
 CVE-2024-40605 (An issue was discovered in the Foreground skin for MediaWiki through 1 ...)
 	NOT-FOR-US: Foreground skin for MediaWiki
 CVE-2024-40604 (An issue was discovered in the Nimbus skin for MediaWiki through 1.42. ...)
@@ -526,7 +526,7 @@ CVE-2024-6439 (A vulnerability was found in SourceCodester Home Owners Collectio
 CVE-2024-6438 (A vulnerability has been found in Hitout Carsale 1.0 and classified as ...)
 	NOT-FOR-US: Hitout Carsale
 CVE-2024-6382 (Incorrect handling of certain string inputs may result in MongoDB Rust ...)
-	TODO: check
+	NOT-FOR-US: MongoDB rust driver
 CVE-2024-6381 (The bson_strfreev function in the MongoDB C driver library may be susc ...)
 	- mongo-c-driver 1.26.2-1
 	NOTE: https://jira.mongodb.org/browse/CDRIVER-5622



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7689d3421ef90cf485d7cdb6ff4030a74bc1ff70

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7689d3421ef90cf485d7cdb6ff4030a74bc1ff70
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240708/e6604f91/attachment.htm>

More information about the debian-security-tracker-commits mailing list