[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 14 10:48:54 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53bbe326 by Moritz Mühlenhoff at 2024-03-14T11:48:18+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,9 +23,9 @@ CVE-2024-28175 (Argo CD is a declarative, GitOps continuous delivery tool for Ku
 CVE-2024-27703 (Cross Site Scripting vulnerability in Leantime 3.0.6 allows a remote a ...)
 	NOT-FOR-US: Leantime
 CVE-2024-27102 (Wings is the server control plane for Pterodactyl Panel. This vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Wings
 CVE-2024-27097 (A user endpoint didn't perform filtering on an incoming parameter, whi ...)
-	TODO: check
+	NOT-FOR-US: CKAN
 CVE-2024-25653 (Broken Access Control in the Report functionality of Delinea PAM Secre ...)
 	NOT-FOR-US: Delinea PAM Secret Server
 CVE-2024-25652 (In Delinea PAM Secret Server 11.4, it is possible for a user (with acc ...)
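Review bot: The tag "NOT-FOR-US: Wings" on CVE-2024-27102 uses a very generic product name. Since the description ties it to Pterodactyl Panel, something like "NOT-FOR-US: Pterodactyl Wings" would be easier to grep for and less likely to be confused with an unrelated project later. On CVE-2024-27097, the truncated description shown here never names a product, so the "CKAN" tag is the only place the attribution is recorded; worth confirming it against the full CVE record.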
@@ -498,7 +498,7 @@ CVE-2024-28239 (Directus is a real-time API and App dashboard for managing SQL d
 CVE-2024-28238 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2024-28236 (Vela is a Pipeline Automation (CI/CD) framework built on Linux contain ...)
-	TODO: check
+	NOT-FOR-US: Vela
 CVE-2024-27440 (The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyok ...)
 	NOT-FOR-US: Toyoko Inn official App
 CVE-2024-27305 (aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on  ...)
@@ -791,9 +791,9 @@ CVE-2024-1302 (Information exposure vulnerability in Badger Meter Monitool affec
 CVE-2024-1301 (SQL injection vulnerability in Badger Meter Monitool affecting version ...)
 	NOT-FOR-US: Badger Meter Monitool
 CVE-2024-1227 (An open redirect vulnerability, the exploitation of which could allow  ...)
-	TODO: check
+	NOT-FOR-US: Rejettos
 CVE-2024-1226 (The software does not neutralize or incorrectly neutralizes certain ch ...)
-	TODO: check
+	NOT-FOR-US: Rejettos
 CVE-2024-1138 (The FTL Server component of TIBCO Software Inc.'s TIBCO FTL - Enterpri ...)
 	NOT-FOR-US: TIBCO
 CVE-2024-1137 (The Proxy and Client components of TIBCO Software Inc.'s TIBCO ActiveS ...)
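Review bot: The spelling "Rejettos" in the new tags on CVE-2024-1227 and CVE-2024-1226 should be double-checked against the CVE records. Both descriptions are cut off before any product name, so the tag is the only identifier in the list, and a misspelled NOT-FOR-US name means later searches for the product will miss these two entries.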
@@ -937,7 +937,7 @@ CVE-2024-1400 (The Mollie Forms plugin for WordPress is vulnerable to unauthoriz
 CVE-2023-6814 (Insertion of Sensitive Information into Log File vulnerability in Hita ...)
 	NOT-FOR-US: Hitachi
 CVE-2023-49785 (NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat use ...)
-	TODO: check
+	NOT-FOR-US: NextChat
 CVE-2023-49453 (Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22 ...)
 	- racktables <itp> (bug #629531)
 CVE-2024-2370 (Unrestricted file upload vulnerability in ManageEngine Desktop Central ...)
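Review bot: The tag on CVE-2023-49785 records only "NextChat", while the description says the software is also known as ChatGPT-Next-Web. Consider "NOT-FOR-US: NextChat (ChatGPT-Next-Web)" so the entry is found under either name if the project is ever looked up or packaged.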



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53bbe326b47bf3c09d6b0cf310ff7d321b479e37
