[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 14 23:15:05 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7470201b by Salvatore Bonaccorso at 2024-05-15T00:14:29+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54,17 +54,17 @@ CVE-2024-34713 (sshproxy is used on a gateway to transparently proxy a user SSH
 CVE-2024-34712 (Oceanic is a NodeJS library for interfacing with Discord. Prior to ver ...)
 	TODO: check
 CVE-2024-34358 (TYPO3 is an enterprise content management system. Starting in version  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2024-34357 (TYPO3 is an enterprise content management system. Starting in version  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2024-34356 (TYPO3 is an enterprise content management system. Starting in version  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2024-34355 (TYPO3 is an enterprise content management system. Starting in version  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2024-34256 (OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function ...)
-	TODO: check
+	NOT-FOR-US: OFCMS
 CVE-2024-34243 (Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the user ...)
-	TODO: check
+	NOT-FOR-US: Konga
 CVE-2024-34191 (htmly v2.9.6 was discovered to contain an arbitrary file deletion vuln ...)
 	TODO: check
 CVE-2024-34086 (A vulnerability has been identified in JT2Go (All versions < V2312.000 ...)
@@ -72,63 +72,63 @@ CVE-2024-34086 (A vulnerability has been identified in JT2Go (All versions < V23
 CVE-2024-34085 (A vulnerability has been identified in JT2Go (All versions < V2312.000 ...)
 	TODO: check
 CVE-2024-33868 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is L ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33867 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is a ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33866 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is / ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33865 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is a ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33864 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is S ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33863 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is / ...)
-	TODO: check
+	NOT-FOR-US: linqi
 CVE-2024-33647 (A vulnerability has been identified in Polarion ALM (All versions < V2 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33583 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33577 (A vulnerability has been identified in Simcenter Nastran 2306 (All ver ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33499 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33498 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33497 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33496 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33495 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33494 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33493 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33492 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33491 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33490 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33489 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33485 (SQL Injection vulnerability in CASAP Automated Enrollment System using ...)
-	TODO: check
+	NOT-FOR-US: CASAP Automated Enrollment System
 CVE-2024-32977 (OctoPrint provides a web interface for controlling consumer 3D printer ...)
-	TODO: check
+	NOT-FOR-US: OctoPrint
 CVE-2024-32742 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32741 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32740 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32639 (A vulnerability has been identified in Tecnomatix Plant Simulation V23 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32637 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32636 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32635 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32465 (Git is a revision control system. The Git project recommends to avoid  ...)
 	TODO: check
 CVE-2024-32355 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
@@ -691,9 +691,9 @@ CVE-2024-34701 (CreateWiki is Miraheze's MediaWiki extension for requesting & cr
 CVE-2024-34699 (GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged  ...)
 	TODO: check
 CVE-2024-34698 (FreeScout is a free, self-hosted help desk and shared mailbox. Version ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2024-34697 (FreeScout is a free, self-hosted help desk and shared mailbox. A store ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2024-34555 (Unrestricted Upload of File with Dangerous Type vulnerability in URBAN ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2. ...)
@@ -736,7 +736,7 @@ CVE-2024-33433 (Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.
 CVE-2024-33386 (An issue in SoundCloud Prometheu v.2.5.1 and before allows a remote at ...)
 	TODO: check
 CVE-2024-33250 (An issue in Open-Source Technology Committee SRS real-time video serve ...)
-	TODO: check
+	NOT-FOR-US: Open-Source Technology Committee SRS real-time video server
 CVE-2024-32100 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-31810 (TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hard ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7470201b77fcd45b686b090f47fcf7a0696599f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7470201b77fcd45b686b090f47fcf7a0696599f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240514/ced19b15/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list