[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 1 10:33:57 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5535d73e by Salvatore Bonaccorso at 2024-03-01T11:33:14+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2024-27950 (Missing Authorization vulnerability in sirv.Com Image Optimizer,
 CVE-2024-27949 (Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Opt ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-27294 (dp-golang is a Puppet module for Go installations.  Prior to 1.2.7, dp ...)
-	TODO: check
+	NOT-FOR-US: dp-golang Puppet module
 CVE-2024-27292 (Docassemble is an expert system for guided interviews and document ass ...)
 	NOT-FOR-US: Docassemble
 CVE-2024-27291 (Docassemble is an expert system for guided interviews and document ass ...)
@@ -45,7 +45,7 @@ CVE-2024-24520 (An issue in Lepton CMS v.7.0.0 allows a local attacker to execut
 CVE-2024-24028 (Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2. ...)
 	NOT-FOR-US: Likeshop
 CVE-2024-22891 (Nteract v.0.28.0 was discovered to contain a remote code execution (RC ...)
-	TODO: check
+	NOT-FOR-US: Nteract
 CVE-2024-22100 (MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior are aff ...)
 	NOT-FOR-US: MicroDicom DICOM Viewer
 CVE-2024-1941 (Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulnerable  ...)
@@ -53,9 +53,9 @@ CVE-2024-1941 (Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulner
 CVE-2024-1859 (The Slider Responsive Slideshow \u2013 Image slider, Gallery slideshow ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0403 (Recipes version 1.5.10 allows arbitrary HTTP requests to be made  thro ...)
-	TODO: check
+	NOT-FOR-US: Recipes
 CVE-2023-52555 (In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletio ...)
-	TODO: check
+	NOT-FOR-US: mongo-express
 CVE-2023-50324 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-As ...)
 	NOT-FOR-US: IBM
 CVE-2023-50312 (IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 cou ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5535d73e66dadfd626daa747c76783b2c8902958

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5535d73e66dadfd626daa747c76783b2c8902958
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240301/ff535041/attachment.htm>

More information about the debian-security-tracker-commits mailing list