[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 24 20:54:01 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
14ab63be by Salvatore Bonaccorso at 2024-03-24T21:53:32+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,7 +28,7 @@ CVE-2024-2851 (A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_mult
CVE-2024-2850 (A vulnerability was found in Tenda AC15 15.03.05.18 and classified as ...)
NOT-FOR-US: Tenda
CVE-2024-24725 (Gibbon through 26.0.00 allows remote authenticated users to conduct PH ...)
- TODO: check
+ NOT-FOR-US: GibbonEdu Gibbon
CVE-2024-23755 (ClickUp Desktop before 3.3.77 on macOS and Windows allows code injecti ...)
NOT-FOR-US: ClickUp Desktop
CVE-2020-36827 (The XAO::Web module before 1.84 for Perl mishandles < and > characters ...)
@@ -111,9 +111,9 @@ CVE-2024-2723 (SQL injection vulnerability in the CIGESv2 system, through/ajaxSu
CVE-2024-2722 (SQL injection vulnerability in the CIGESv2 system, through/ajaxConfigT ...)
NOT-FOR-US: CIGESv2 system
CVE-2024-2449 (A cross-site request forgery vulnerability has been identified in Load ...)
- TODO: check
+ NOT-FOR-US: LoadMaster
CVE-2024-2448 (An OS command injection vulnerability has been identified in LoadMaste ...)
- TODO: check
+ NOT-FOR-US: LoadMaster
CVE-2024-2228 (This vulnerability allows an authenticated user to perform a Lifecycle ...)
NOT-FOR-US: Sailpoint
CVE-2024-2227 (This vulnerability allows access to arbitrary files in the application ...)
@@ -138,13 +138,13 @@ CVE-2024-29366 (A command injection vulnerability exists in the cgibin binary in
CVE-2024-29338 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forg ...)
NOT-FOR-US: Anchor CMS
CVE-2024-29186 (Bref is an open-source project that helps users go serverless on Amazo ...)
- TODO: check
+ NOT-FOR-US: Bref
CVE-2024-29185 (FreeScout is a self-hosted help desk and shared mailbox. Versions prio ...)
NOT-FOR-US: FreeScout
CVE-2024-29184 (FreeScout is a self-hosted help desk and shared mailbox. A Stored Cros ...)
NOT-FOR-US: FreeScout
CVE-2024-29042 (Translate is a package that allows users to convert text to different ...)
- TODO: check
+ NOT-FOR-US: translate Node.js module
CVE-2024-28861 (Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a P ...)
NOT-FOR-US: Symfony1 (community fork of symfony 1.4 with some enhancements)
CVE-2024-28824 (Least privilege violation and reliance on untrusted inputs in the mk_i ...)
@@ -200089,7 +200089,7 @@ CVE-2021-33635 (When malicious images are pulled by isula pull, attackers can ex
CVE-2021-33634 (iSulad uses the lcr+lxc runtime (default) to run malicious images, whi ...)
NOT-FOR-US: OpenEuler lcr
CVE-2021-33633 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
- TODO: check
+ NOT-FOR-US: openEuler aops-ceres
CVE-2021-33632
RESERVED
CVE-2021-33631 (Integer Overflow or Wraparound vulnerability in openEuler kernel on Li ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ab63be8518a9b7673d43426edee20fa51a7d2d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ab63be8518a9b7673d43426edee20fa51a7d2d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240324/88acaaa4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list