[Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 7 09:35:05 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b513a750 by Moritz Muehlenhoff at 2024-06-07T10:34:23+02:00
NFUs (concludes external check)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2024-23445
+	- elasticsearch <removed>
+CVE-2024-37279
+	- kibana <itp> (bug #700337)
+CVE-2024-5154
+	- cri-o <itp> (bug #979702)
 CVE-2024-5640 (The Prime Slider \u2013 Addons For Elementor (Revolution of a slider,  ...)
 	TODO: check
 CVE-2024-5612 (The Essential Addons for Elementor Pro plugin for WordPress is vulnera ...)
@@ -450,7 +456,7 @@ CVE-2024-5037 (A flaw was found in OpenShift's Telemeter. If certain conditions
 CVE-2024-4821 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4812 (A flaw was found in the Katello plugin for Foreman, where it is possib ...)
-	TODO: check
+	NOT-FOR-US: Katello plugin for Foreman
 CVE-2024-4743 (The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin for Wor ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4009 (Replay Attack  in ABB, Busch-Jaeger, FTS Display (version 1.00) and BC ...)
@@ -460,7 +466,7 @@ CVE-2024-4008 (FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BC
 CVE-2024-4001 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-3716 (A flaw was found in foreman-installer when puppet-candlepin is invoked ...)
-	TODO: check
+	NOT-FOR-US: foreman-installer
 CVE-2024-3469 (The GP Premium plugin for WordPress is vulnerable to Reflected Cross-S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-36837 (SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b513a750c37ecd0ce2e3a67e23c1927083f626a1

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b513a750c37ecd0ce2e3a67e23c1927083f626a1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240607/98cea088/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list