[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02c63403 by Salvatore Bonaccorso at 2024-03-23T09:34:42+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-2832 (A vulnerability classified as problematic was found in Campcodes Onlin ...)
-	TODO: check
+	NOT-FOR-US: Campcodes Online Shopping System
 CVE-2024-2688 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2468 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2326 (The Pretty Links \u2013 Affiliate Links, Link Branding, Link Tracking  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2202 (The Page Builder by SiteOrigin plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2131 (The Move Addons for Elementor plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2025 (The "BuddyPress WooCommerce My Account Integration. Create WooCommerce ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-29190 (Mobile Security Framework (MobSF) is a pen-testing, malware analysis a ...)
-	TODO: check
+	NOT-FOR-US: Mobile Security Framework (MobSF)
 CVE-2024-29059 (.NET Framework Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29057 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26247 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-1697 (The Custom WooCommerce Checkout Fields Editor plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1049 (The Page Builder Gutenberg Blocks \u2013 CoBlocks plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2828 (A vulnerability, which was classified as critical, was found in lakern ...)
 	NOT-FOR-US: lakernote EasyAdmin
 CVE-2024-2827 (A vulnerability, which was classified as critical, has been found in l ...)
@@ -62,9 +62,9 @@ CVE-2024-2449 (A cross-site request forgery vulnerability has been identified in
 CVE-2024-2448 (An OS command injection vulnerability has been identified in LoadMaste ...)
 	TODO: check
 CVE-2024-2228 (This vulnerability allows an authenticated user to perform a Lifecycle ...)
-	TODO: check
+	NOT-FOR-US: Sailpoint
 CVE-2024-2227 (This vulnerability allows access to arbitrary files in the application ...)
-	TODO: check
+	NOT-FOR-US: Sailpoint
 CVE-2024-29944 (An attacker was able to inject an event handler into a privileged obje ...)
 	- firefox 124.0.1-1 (bug #1067523)
 	- firefox-esr 115.9.1esr-1
@@ -104,7 +104,7 @@ CVE-2024-28559 (SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before
 CVE-2024-25168 (SQL injection vulnerability in snow snow v.2.0.0 allows a remote attac ...)
 	NOT-FOR-US: snow snow
 CVE-2024-1848 (Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out ...)
-	TODO: check
+	NOT-FOR-US: Solidworks
 CVE-2024-1742 (Invocation of the sqlplus command with sensitive information in the co ...)
 	- check-mk <removed>
 CVE-2024-0638 (Least privilege violation in the Checkmk agent plugins mk_oracle, mk_o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02c63403e80a520e5ce9a530eb3606c86f762c0e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02c63403e80a520e5ce9a530eb3606c86f762c0e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240323/0e751c64/attachment-0001.htm>