[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 22 13:34:22 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
52350c3e by Salvatore Bonaccorso at 2024-07-22T14:33:33+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,105 +1,105 @@
 CVE-2024-6970 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-6969 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Clinics Patient Management System
 CVE-2024-6968 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Clinics Patient Management System
 CVE-2024-6967 (A vulnerability was found in SourceCodester Employee and Visitor Gate  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee and Visitor Gate Pass Logging System
 CVE-2024-6966 (A vulnerability was found in itsourcecode Online Blood Bank Management ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Blood Bank Management System
 CVE-2024-6965 (A vulnerability has been found in Tenda O3 1.0.0.10 and classified as  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-6964 (A vulnerability, which was classified as critical, was found in Tenda  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-6963 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-6962 (A vulnerability classified as critical was found in Tenda O3 1.0.0.10. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-6961 (RAIL documents are an XML-based format invented by Guardrails AI to en ...)
-	TODO: check
+	NOT-FOR-US: Guardrails
 CVE-2024-6960 (The H2O machine learning platform uses "Iced" classes as the primary m ...)
 	TODO: check
 CVE-2024-6958 (A vulnerability classified as critical was found in itsourcecode Unive ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode University Management System
 CVE-2024-6957 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode University Management System
 CVE-2024-6956 (A vulnerability was found in itsourcecode University Management System ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode University Management System
 CVE-2024-6955 (A vulnerability was found in SourceCodester Record Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Record Management System
 CVE-2024-6954 (A vulnerability was found in SourceCodester Record Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Record Management System
 CVE-2024-6953 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-6952 (A vulnerability has been found in itsourcecode University Management S ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode University Management System
 CVE-2024-6951 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Simple Online Book Store System
 CVE-2024-6950 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: Prain
 CVE-2024-6949 (A vulnerability classified as problematic was found in Gargaj wuhu up  ...)
-	TODO: check
+	NOT-FOR-US: Gargaj wuhu
 CVE-2024-6948 (A vulnerability classified as critical has been found in Gargaj wuhu u ...)
-	TODO: check
+	NOT-FOR-US: Gargaj wuhu
 CVE-2024-6947 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rate ...)
-	TODO: check
+	NOT-FOR-US: Flute CMS
 CVE-2024-6946 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: Flute CMS
 CVE-2024-6271 (The Community Events WordPress plugin before 1.5 does not have CSRF ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6244 (The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CS ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6243 (The HTML Forms  WordPress plugin before 1.3.33 does not sanitize and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5973 (The MasterStudy LMS WordPress Plugin  WordPress plugin before 3.3.24 d ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5529 (The WP QuickLaTeX WordPress plugin before 3.8.8 does not sanitise and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5004 (The CM Popup Plugin for WordPress  WordPress plugin before 1.6.6 does  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-41709 (Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficien ...)
 	TODO: check
 CVE-2024-41704 (LibreChat through 0.7.4-rc1 does not validate the normalized pathnames ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2024-41703 (LibreChat through 0.7.4-rc1 has incorrect access control for message u ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2024-40430 (In SFTPGO 2.6.2, the JWT implementation lacks cerrtain security measur ...)
 	TODO: check
 CVE-2024-38786 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38785 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38784 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38781 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37485 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37480 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37466 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37465 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37461 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37460 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37459 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37457 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37449 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37447 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37446 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37391 (ProtonVPN before 3.2.10 on Windows mishandles the drive installer path ...)
-	TODO: check
+	NOT-FOR-US: ProtonVPN
 CVE-2024-6945 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been clas ...)
 	NOT-FOR-US: Flute CMS
 CVE-2024-6944 (A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and class ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52350c3e80f0480c17ba3eb4728d94fd69f3999a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52350c3e80f0480c17ba3eb4728d94fd69f3999a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240722/1c7288d0/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list