[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 8 10:04:11 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e48cf8e by Salvatore Bonaccorso at 2024-03-08T11:03:33+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,71 +1,71 @@
 CVE-2024-2298 (The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2285 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: boyiddha Automated-Mess-Management-System
 CVE-2024-2284 (A vulnerability classified as problematic was found in boyiddha Automa ...)
-	TODO: check
+	NOT-FOR-US: boyiddha Automated-Mess-Management-System
 CVE-2024-2283 (A vulnerability classified as critical has been found in boyiddha Auto ...)
-	TODO: check
+	NOT-FOR-US: boyiddha Automated-Mess-Management-System
 CVE-2024-2282 (A vulnerability was found in boyiddha Automated-Mess-Management-System ...)
-	TODO: check
+	NOT-FOR-US: boyiddha Automated-Mess-Management-System
 CVE-2024-2281 (A vulnerability was found in boyiddha Automated-Mess-Management-System ...)
-	TODO: check
+	NOT-FOR-US: boyiddha Automated-Mess-Management-System
 CVE-2024-2277 (A vulnerability was found in Bdtask G-Prescription Gynaecology & OBS C ...)
-	TODO: check
+	NOT-FOR-US: Bdtask G-Prescription Gynaecology & OBS Consultation Software
 CVE-2024-2276 (A vulnerability has been found in Bdtask G-Prescription Gynaecology &  ...)
-	TODO: check
+	NOT-FOR-US: Bdtask G-Prescription Gynaecology & OBS Consultation Software
 CVE-2024-2275 (A vulnerability, which was classified as problematic, was found in Bdt ...)
-	TODO: check
+	NOT-FOR-US: Bdtask G-Prescription Gynaecology & OBS Consultation Software
 CVE-2024-2274 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Bdtask G-Prescription Gynaecology & OBS Consultation Software
 CVE-2024-2272 (A vulnerability classified as critical was found in keerti1924 Online- ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2271 (A vulnerability classified as critical has been found in keerti1924 On ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2270 (A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2269 (A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2268 (A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2267 (A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0  ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Online-Book-Store-Website
 CVE-2024-2266 (A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project  ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 Secret-Coder-PHP-Project
 CVE-2024-2265 (A vulnerability, which was classified as problematic, was found in kee ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 PHP-MYSQL-User-Login-System
 CVE-2024-2264 (A vulnerability, which was classified as critical, has been found in k ...)
-	TODO: check
+	NOT-FOR-US: keerti1924 PHP-MYSQL-User-Login-System
 CVE-2024-2044 (pgAdmin 4 uses a file-based session management approach. The session f ...)
 	TODO: check
 CVE-2024-28115 (FreeRTOS is a real-time operating system for microcontrollers. FreeRTO ...)
-	TODO: check
+	NOT-FOR-US: FreeRTOS kernel
 CVE-2024-27707 (Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly ...)
 	TODO: check
 CVE-2024-27613 (Numbas editor before 7.3 mishandles reading of themes and extensions.)
-	TODO: check
+	NOT-FOR-US: Numbas editor
 CVE-2024-27612 (Numbas editor before 7.3 mishandles editing of themes and extensions.)
-	TODO: check
+	NOT-FOR-US: Numbas editor
 CVE-2024-26492 (An issue in Online Diagnostic Lab Management System 1.0 allows a remot ...)
-	TODO: check
+	NOT-FOR-US: Online Diagnostic Lab Management System
 CVE-2024-26313 (Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a stored  ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2024-26309 (Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensiti ...)
-	TODO: check
+	NOT-FOR-US: Archer
 CVE-2024-26167 (Microsoft Edge for Android Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-25849 (In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKi ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25848 (In the module "Ever Ultimate SEO" (everpsseo) <= 8.1.2 from Team Ever  ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25845 (In the module "CD Custom Fields 4 Orders" (cdcustomfields4orders) <= 1 ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2024-25729 (Arris SBG6580 devices have predictable default WPA2 security passwords ...)
-	TODO: check
+	NOT-FOR-US: Arris SBG6580 devices
 CVE-2024-25327 (Cross Site Scripting (XSS) vulnerability in Justice Systems FullCourt  ...)
-	TODO: check
+	NOT-FOR-US: Justice Systems FullCourt Enterprise
 CVE-2024-24035 (Cross Site Scripting (XSS) vulnerability in Setor Informatica SIL 3.1  ...)
-	TODO: check
+	NOT-FOR-US: Setor Informatica SIL
 CVE-2024-23297 (The issue was addressed with improved checks. This issue is fixed in t ...)
 	TODO: check
 CVE-2024-23295 (A permissions issue was addressed to help ensure Personas are always p ...)
@@ -197,13 +197,13 @@ CVE-2024-23205 (A privacy issue was addressed with improved private data redacti
 CVE-2024-23201 (A permissions issue was addressed with additional restrictions. This i ...)
 	TODO: check
 CVE-2024-1987 (The WP-Members Membership Plugin plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1986 (The Booster Elite for WooCommerce plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1851 (The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1802 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0258 (The issue was addressed with improved memory handling. This issue is f ...)
 	TODO: check
 CVE-2023-46172 (IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e48cf8ea2da5584b32e41dca8bc1f21214ed567

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e48cf8ea2da5584b32e41dca8bc1f21214ed567
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240308/492aeb79/attachment.htm>

More information about the debian-security-tracker-commits mailing list