[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Mar 22 08:21:00 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
186a0191 by Salvatore Bonaccorso at 2024-03-22T09:20:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,13 +63,13 @@ CVE-2024-2392 (The Blocksy Companion plugin for WordPress is vulnerable to Store
 CVE-2024-2080 (The LiquidPoll \u2013 Polls, Surveys, NPS and Feedback Reviews plugin  ...)
 	TODO: check
 CVE-2024-29275 (SQL injection vulnerability in SeaCMS version 12.9, allows remote unau ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2024-29273 (There is Stored Cross-Site Scripting (XSS) in dzzoffice 2.02.1 SC UTF8 ...)
-	TODO: check
+	NOT-FOR-US: dzzoffice
 CVE-2024-29272 (Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, a ...)
-	TODO: check
+	NOT-FOR-US: VvvebJs
 CVE-2024-29271 (Reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before v ...)
-	TODO: check
+	NOT-FOR-US: VvvebJs
 CVE-2024-29031 (Meshery is an open source, cloud native manager that enables the desig ...)
 	TODO: check
 CVE-2024-28891 (SQL injection vulnerability exists in the script Handler_CFG.ashx.)
@@ -77,11 +77,11 @@ CVE-2024-28891 (SQL injection vulnerability exists in the script Handler_CFG.ash
 CVE-2024-28863 (node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no  ...)
 	TODO: check
 CVE-2024-28756 (The SolarEdge mySolarEdge application before 2.20.1 for Android has a  ...)
-	TODO: check
+	NOT-FOR-US: SolarEdge mySolarEdge
 CVE-2024-28521 (SQL Injection vulnerability in Netcome NS-ASG Application Security Gat ...)
-	TODO: check
+	NOT-FOR-US: Netcome NS-ASG Application Security Gateway
 CVE-2024-28441 (File Upload vulnerability in magicflue v.7.0 and before allows a remot ...)
-	TODO: check
+	NOT-FOR-US: magicflue
 CVE-2024-28171 (It is possible to perform a path traversal attack and write outside of ...)
 	TODO: check
 CVE-2024-28119 (Grav is an open-source, flat-file content management system. Prior to  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/186a0191467cbbf3835ae1add26df26104859cb7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/186a0191467cbbf3835ae1add26df26104859cb7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240322/00e133d4/attachment.htm>
