[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 18 10:18:34 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06f883f6 by Moritz Muehlenhoff at 2024-06-18T11:17:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,23 +47,23 @@ CVE-2024-37079 (vCenter Server contains a heap-overflow vulnerability in the imp
 CVE-2024-34833 (Sourcecodester Payroll Management System v1.0 is vulnerable to File Up ...)
 	NOT-FOR-US: Sourcecodester Payroll Management System
 CVE-2024-34024 (Observable response discrepancy issue exists in ID Link Manager and FU ...)
-	TODO: check
+	NOT-FOR-US: FUJITSU
 CVE-2024-33622 (Missing authentication for critical function vulnerability exists in I ...)
-	TODO: check
+	NOT-FOR-US: FUJITSU
 CVE-2024-33620 (Absolute path traversal vulnerability exists in ID Link Manager and FU ...)
-	TODO: check
+	NOT-FOR-US: FUJITSU
 CVE-2024-1634 (The Scheduling Plugin \u2013 Online Booking for WordPress plugin for W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0845 (The PDF Viewer for Elementor plugin for WordPress is vulnerable to Sto ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0066 (Johan Fagerstr\xf6m, member of the AXIS OS Bug Bounty Program, has fou ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2023-5527 (The Business Directory Plugin plugin for WordPress is vulnerable to CS ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-37058 (Insecure Permissions vulnerability in JLINK Unionman Technology Co. Lt ...)
-	TODO: check
+	NOT-FOR-US: JLINK
 CVE-2023-37057 (An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allow ...)
-	TODO: check
+	NOT-FOR-US: JLINK
 CVE-2024-6062 (A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/2872
@@ -79,7 +79,7 @@ CVE-2024-6058 (A vulnerability classified as problematic has been found in LabVa
 CVE-2024-6057 (Improper authentication in the vault password feature in Devolutions R ...)
 	NOT-FOR-US: Devolutions Remote Desktop Manager
 CVE-2024-6056 (A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. I ...)
-	TODO: check
+	NOT-FOR-US: Laravel Starter
 CVE-2024-6055 (Improper removal of sensitive information in data source export featur ...)
 	NOT-FOR-US: Devolutions Remote Desktop Manager
 CVE-2024-5741 (Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2. ...)
@@ -103,9 +103,9 @@ CVE-2024-38469 (zhimengzhe iBarn v1.5 was discovered to contain a reflected cros
 CVE-2024-38449 (A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316 ...)
 	NOT-FOR-US: KasmVNC
 CVE-2024-37902 (DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in  ...)
-	TODO: check
+	NOT-FOR-US: DeepJavaLibrary
 CVE-2024-37896 (Gin-vue-admin is a backstage management system based on vue and gin. G ...)
-	TODO: check
+	NOT-FOR-US: Gin-vue-admin
 CVE-2024-37895 (Lobe Chat is an open-source LLMs/AI chat framework. In affected versio ...)
 	NOT-FOR-US: Lobe Chat
 CVE-2024-37893 (Firefly III is a free and open source personal finance manager. In aff ...)
@@ -156,9 +156,9 @@ CVE-2024-37619 (StrongShop v1.0 was discovered to contain a reflected cross-site
 CVE-2024-37305 (oqs-provider is a provider for the OpenSSL 3 cryptography library that ...)
 	TODO: check
 CVE-2024-37159 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. ...)
-	TODO: check
+	NOT-FOR-US: Evmos
 CVE-2024-37158 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. ...)
-	TODO: check
+	NOT-FOR-US: Evmos
 CVE-2024-36583 (A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an a ...)
 	TODO: check
 CVE-2024-36582 (alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollut ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240618/d0805e20/attachment.htm>


More information about the debian-security-tracker-commits mailing list