[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Mar 5 20:20:47 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8066c189 by Salvatore Bonaccorso at 2024-03-05T21:20:00+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,27 +11,27 @@ CVE-2024-2053 (The Artica Proxy administrative web application will deserialize
 CVE-2024-2005 (Blue Planet\xae has released software updates that address this vulner ...)
 	TODO: check
 CVE-2024-27931 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure  ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2024-27929 (ImageSharp is a managed, cross-platform, 2D graphics library. A heap-u ...)
-	TODO: check
+	NOT-FOR-US: ImageSharp
 CVE-2024-27627 (A reflected cross-site scripting (XSS) vulnerability exists in SuperCa ...)
-	TODO: check
+	NOT-FOR-US: SuperCali
 CVE-2024-27626 (A Reflected Cross-Site Scripting (XSS) vulnerability has been identifi ...)
 	TODO: check
 CVE-2024-27625 (CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting ( ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2024-27623 (CMS Made Simple version 2.2.19 is vulnerable to Server-Side Template I ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2024-27622 (A remote code execution vulnerability has been identified in the User  ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2024-27565 (A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-p ...)
-	TODO: check
+	NOT-FOR-US: ChatGPT-wechat-personal
 CVE-2024-27564 (A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT co ...)
-	TODO: check
+	NOT-FOR-US: ChatGPT
 CVE-2024-27563 (A Server-Side Request Forgery (SSRF) in the getFileFromRepo function o ...)
-	TODO: check
+	NOT-FOR-US: WonderCMS
 CVE-2024-27561 (A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAc ...)
-	TODO: check
+	NOT-FOR-US: WonderCMS
 CVE-2024-26339 (swftools v0.9.2 was discovered to contain a strcpy parameter overlap v ...)
 	TODO: check
 CVE-2024-26337 (swftools v0.9.2 was discovered to contain a segmentation violation via ...)
@@ -41,7 +41,7 @@ CVE-2024-26335 (swftools v0.9.2 was discovered to contain a segmentation violati
 CVE-2024-26334 (swftools v0.9.2 was discovered to contain a segmentation violation via ...)
 	TODO: check
 CVE-2024-24098 (Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Inject ...)
-	TODO: check
+	NOT-FOR-US: Code-projects Scholars Tracking System
 CVE-2024-23296 (A memory corruption issue was addressed with improved validation. This ...)
 	TODO: check
 CVE-2024-23256 (A logic issue was addressed with improved state management. This issue ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8066c1899f1acb03dfd6e2185249e4d9ee686f79

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8066c1899f1acb03dfd6e2185249e4d9ee686f79
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240305/eebe6f8f/attachment.htm>
