[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sun Mar 24 11:11:52 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84a52fea by Salvatore Bonaccorso at 2024-03-24T12:11:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,25 +3,25 @@ CVE-2024-30161 (In Qt before 6.5.6 and 6.6.x before 6.6.3, the wasm component ma
 CVE-2024-30156 (Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ...)
 	TODO: check
 CVE-2024-2856 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2855 (A vulnerability classified as critical was found in Tenda AC15 15.03.0 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2854 (A vulnerability classified as critical has been found in Tenda AC18 15 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2853 (A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It h ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2852 (A vulnerability was found in Tenda AC15 15.03.20_multi. It has been de ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2851 (A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-2850 (A vulnerability was found in Tenda AC15 15.03.05.18 and classified as  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-24725 (Gibbon through 26.0.00 allows remote authenticated users to conduct PH ...)
 	TODO: check
 CVE-2024-23755 (ClickUp Desktop before 3.3.77 on macOS and Windows allows code injecti ...)
-	TODO: check
+	NOT-FOR-US: ClickUp Desktop
 CVE-2020-36827 (The XAO::Web module before 1.84 for Perl mishandles < and > characters ...)
-	TODO: check
+	NOT-FOR-US: XAO::Web Perl module
 CVE-2018-25100 (The Mojolicious module before 7.66 for Perl may leak cookies in certai ...)
 	TODO: check
 CVE-2024-XXXX [possibility to reset password for suspended accounts]
@@ -36,7 +36,7 @@ CVE-2024-24835 (Missing Authorization vulnerability in realmag777 BEAR.This issu
 CVE-2024-24832 (Missing Authorization vulnerability in Metagauss EventPrime.This issue ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1603 (paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision ...)
-	TODO: check
+	NOT-FOR-US: PaddlePaddle
 CVE-2024-2832 (A vulnerability classified as problematic was found in Campcodes Onlin ...)
 	NOT-FOR-US: Campcodes Online Shopping System
 CVE-2024-2688 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a52fea415a7c8e90627f4d46c0b156ef54dac4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a52fea415a7c8e90627f4d46c0b156ef54dac4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240324/2cb25f68/attachment.htm>
