[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 6 14:11:07 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
104badf6 by Salvatore Bonaccorso at 2024-06-06T15:10:29+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49,29 +49,29 @@ CVE-2024-4212 (The Themesflat Addons For Elementor plugin for WordPress is vulne
 CVE-2024-4194 (The The Album and Image Gallery plus Lightbox plugin for WordPress is  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4177 (A host whitelist parser issue in the proxy service implemented in the  ...)
-	TODO: check
+	NOT-FOR-US: GravityZone Update Server
 CVE-2024-3049 (A flaw was found in Booth, a cluster ticket manager. If a specially-cr ...)
 	TODO: check
 CVE-2024-2922 (The Themesflat Addons For Elementor plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2350 (The Clever Addons for Elementor plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2017 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1175 (The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0972 (The BuddyPress Members Only plugin for WordPress is vulnerable to Sens ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0912 (Under certain circumstances the Microsoft\xae Internet Information Ser ...)
 	TODO: check
 CVE-2024-0910 (The Restrict for Elementor plugin for WordPress is vulnerable to Sensi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6968 (The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6966 (The The Moneytizer plugin for WordPress is vulnerable to unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6956 (The EasyAzon \u2013 Amazon Associates Affiliate Plugin plugin for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5629 (An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier ...)
 	- pymongo <unfixed>
 	NOTE: https://jira.mongodb.org/browse/PYTHON-4305
@@ -86,7 +86,7 @@ CVE-2024-5459 (The Restaurant Menu and Food Ordering plugin for WordPress is vul
 CVE-2024-5184 (The EmailGPT service contains a prompt injection vulnerability.The ser ...)
 	NOT-FOR-US: EmailGPT service
 CVE-2024-5037 (A flaw was found in OpenShift's Telemeter. If certain conditions are i ...)
-	TODO: check
+	NOT-FOR-US: OpenShift Telemeter
 CVE-2024-4821 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4812 (A flaw was found in the Katello plugin for Foreman, where it is possib ...)
@@ -114,7 +114,7 @@ CVE-2024-36668 (idccms v1.35 was discovered to contain a Cross-Site Request Forg
 CVE-2024-36667 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
 	NOT-FOR-US: idccms
 CVE-2024-36129 (The OpenTelemetry Collector offers a vendor-agnostic implementation on ...)
-	TODO: check
+	NOT-FOR-US: OpenTelemetry Collector
 CVE-2024-35674 (Missing Authorization vulnerability in Unlimited Elements Unlimited El ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-35673 (Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby P ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/104badf64e617e40241065452169577d225b397d

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/104badf64e617e40241065452169577d225b397d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240606/e6302deb/attachment.htm>


More information about the debian-security-tracker-commits mailing list