[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Jun 29 09:43:53 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b5b7075c by Salvatore Bonaccorso at 2024-06-29T10:43:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2024-6405 (The Floating Social Buttons plugin for WordPress is vulnerable to Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6363 (The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6265 (The UsersWP \u2013 Front-end login form, User Registration, User Profi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5942 (The Page and Post Clone plugin for WordPress is vulnerable to Insecure ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5889 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5790 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5666 (The Extensions for Elementor plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5598 (The Advanced File Manager plugin for WordPress is vulnerable to Sensit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5192 (The Funnel Builder for WordPress by FunnelKit \u2013 Customize WooComm ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39828 (R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modifi ...)
-	TODO: check
+	NOT-FOR-US: R74n Sandboxels
 CVE-2024-39307 (Kavita is a cross platform reading server. Opening an ebook with malic ...)
-	TODO: check
+	NOT-FOR-US: Kavita
 CVE-2024-39302 (BigBlueButton is an open-source virtual classroom designed to help tea ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2024-38533 (ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scal ...)
-	TODO: check
+	NOT-FOR-US: ZKsync Era
 CVE-2024-38532 (The NXP Data Co-Processor (DCP) is a built-in hardware module for spec ...)
 	TODO: check
 CVE-2024-38525 (dd-trace-cpp is the Datadog distributed tracing for C++. When the libr ...)
 	TODO: check
 CVE-2024-38518 (BigBlueButton is an open-source virtual classroom designed to help tea ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2019-25211 (parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandle ...)
 	TODO: check
 CVE-2024-6403 (A vulnerability, which was classified as critical, has been found in T ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5b7075ca3798275d8414c8a34bcd341f496679a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5b7075ca3798275d8414c8a34bcd341f496679a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240629/8e1319a7/attachment.htm>
