[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue May 21 21:20:22 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f02cdca2 by Salvatore Bonaccorso at 2024-05-21T22:19:50+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-4988 (The mobile application (com.transsion.videocallenhancer) interface has ...)
 	TODO: check
 CVE-2024-4876 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4875 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4700 (The WP Table Builder \u2013 WordPress Table Plugin plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4695 (The Move Addons for Elementor plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4619 (The Elementor Website Builder \u2013 More than Just a Page Builder plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4566 (The ShopLentor plugin for WordPress is vulnerable to unauthorized modi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4553 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4452 (The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4435 (When storing unbounded types in a BTreeMap, a node is represented as a ...)
 	TODO: check
 CVE-2024-4420 (There exists a Denial of service vulnerability in Tink-cc in versions  ...)
 	TODO: check
 CVE-2024-4361 (The Page Builder by SiteOrigin plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4154 (In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulner ...)
-	TODO: check
+	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-3345 (The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site ...)
 	TODO: check
 CVE-2024-3268 (The YouTube Video Gallery by YouTube Showcase \u2013 Video Gallery Plu ...)
@@ -41,7 +41,7 @@ CVE-2024-35384 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause
 CVE-2024-35361 (MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/ ...)
 	TODO: check
 CVE-2024-35218 (Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stor ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2024-35180 (OMERO.web provides a web based client and plugin infrastructure. There ...)
 	TODO: check
 CVE-2024-35061 (NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f02cdca249297a6a3a6b795f15b94b8f00c03ca6

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f02cdca249297a6a3a6b795f15b94b8f00c03ca6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240521/06a2b6b4/attachment.htm>
