[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 11 22:00:56 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7665be48 by Salvatore Bonaccorso at 2024-07-11T22:22:32+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,85 +9,85 @@ CVE-2024-6643
 CVE-2024-6531 (A vulnerability has been identified in Bootstrap that exposes users to ...)
 	TODO: check
 CVE-2024-6528 (CWE-79: Improper Neutralization of Input During Web Page Generation (' ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2024-6485 (A security vulnerability has been discovered in bootstrap that could e ...)
 	TODO: check
 CVE-2024-6484 (A vulnerability has been identified in Bootstrap that exposes users to ...)
 	TODO: check
 CVE-2024-6407 (CWE-200: Information Exposure vulnerability exists that could cause di ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2024-6035 (A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbia ...)
-	TODO: check
+	NOT-FOR-US: gaizhenbiao/chuanhuchatgpt
 CVE-2024-5681 (CWE-20: Improper Input Validation vulnerability exists that could caus ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2024-5680 (CWE-129: Improper Validation of Array Index vulnerability exists that  ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2024-5679 (CWE-787: Out-of-Bounds Write vulnerability exists that could cause loc ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2024-39905 (Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3r ...)
-	TODO: check
+	NOT-FOR-US: Red Discord bot
 CVE-2024-39904 (VNote is a note-taking platform. Prior to 3.18.1, a code execution vul ...)
 	TODO: check
 CVE-2024-39553 (An Exposure of Resource to Wrong Sphere vulnerability in the sampling  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39552 (An Improper Handling of Exceptional Conditions vulnerability in the ro ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39551 (An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (A ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39550 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39549 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39548 (An Uncontrolled Resource Consumption vulnerability in the aftmand proc ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39546 (A Missing Authorization vulnerability in the Socket Intercept (SI) com ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39545 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39543 (A Buffer Copy without Checking Size of Inputvulnerability in the routi ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39542 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39541 (An Improper Handling of Exceptional Conditions vulnerability in the Ro ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39540 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39539 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39538 (A Buffer Copy without Checking Size of Input vulnerability in the PFE  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39537 (An Improper Restriction of Communication Channel to Intended Endpoints ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39536 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39535 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39533 (An Unimplemented or Unsupported Feature in the UI vulnerability in Jun ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39532 (AnInsertion of Sensitive Information into Log File vulnerability in Ju ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39531 (An Improper Handling of Values vulnerability in the Packet Forwarding  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39530 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39529 (A Use of Externally-Controlled Format String vulnerability in the Pack ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39528 (A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39524 (An Improper Neutralization of Special Elements vulnerability in Junipe ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39523 (An Improper Neutralization of Special Elements vulnerability in Junipe ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39522 (An Improper Neutralization of Special Elements vulnerability in Junipe ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39521 (An Improper Neutralization of Special Elements vulnerability in Junipe ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39520 (AnImproper Neutralization of Special Elements vulnerability in Juniper ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39519 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-39317 (Wagtail is an open source content management system built on Django. A ...)
-	TODO: check
+	NOT-FOR-US: Wagtail
 CVE-2024-38536 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)
 	TODO: check
 CVE-2024-38535 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7665be488ff4a6e74582b35ac3cad011a88423f5

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7665be488ff4a6e74582b35ac3cad011a88423f5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240711/e8d48bea/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list