[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 1 17:48:52 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c794bef9 by Salvatore Bonaccorso at 2024-11-01T18:48:29+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -114,7 +114,7 @@ CVE-2024-50801 (A SQL Injection vulnerability was discovered in AbanteCart 1.4.0
CVE-2024-50356 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
NOT-FOR-US: Press app for Frappe
CVE-2024-50354 (gnark is a fast zk-SNARK library that offers a high-level API to desig ...)
- TODO: check
+ NOT-FOR-US: gnark zk-SNARK library
CVE-2024-50347 (Laravel Reverb provides a real-time WebSocket communication backend fo ...)
NOT-FOR-US: Laravel Reverb
CVE-2024-49685 (Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custo ...)
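Review bot: the CVE-2024-50354 entry is marked NOT-FOR-US although its own description calls gnark a library, and a library can be present in the archive as a bundled copy inside another source package rather than under its own name. It would help to confirm the check covered embedded copies as well as a package named gnark; if a bundling package turns up, the entry needs a package line instead of `NOT-FOR-US: gnark zk-SNARK library`.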
@@ -142,7 +142,7 @@ CVE-2024-43383 (Deserialization of Untrusted Data vulnerability in Apache Lucene
CVE-2024-42835 (langflow v1.0.12 was discovered to contain a remote code execution (RC ...)
NOT-FOR-US: langflow-ai/langflow
CVE-2024-42515 (Glossarizer through 1.5.2 improperly tries to convert text into HTML. ...)
- TODO: check
+ NOT-FOR-US: Glossarizer
CVE-2024-39722 (An issue was discovered in Ollama before 0.1.46. It exposes which file ...)
NOT-FOR-US: Ollama
CVE-2024-39721 (An issue was discovered in Ollama before 0.1.34. The CreateModelHandle ...)
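Review bot: the new note for CVE-2024-42515 is the bare name `Glossarizer`, which gives a later triager less to search on than the neighbouring `NOT-FOR-US: langflow-ai/langflow`. Consider adding the upstream owner or a short descriptor, in the way this commit's gnark entry does with `gnark zk-SNARK library`.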
@@ -208,7 +208,7 @@ CVE-2024-48093 (Unrestricted File Upload in the Discussions tab in Operately v.0
CVE-2024-43382 (Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrec ...)
NOT-FOR-US: Snowflake JDBC
CVE-2024-21537 (Versions of the package lilconfig from 3.1.0 and before 3.1.1 are vuln ...)
- TODO: check
+ NOT-FOR-US: lilconfig
CVE-2024-10561 (A vulnerability was found in Codezips Pet Shop Management System 1.0. ...)
NOT-FOR-US: Codezips Pet Shop Management System
CVE-2024-10559 (A vulnerability was found in SourceCodester Airport Booking Management ...)
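Review bot: on CVE-2024-21537 the description speaks of "the package lilconfig" with a bounded affected range (from 3.1.0 and before 3.1.1), which is the kind of module that may exist in the archive under a differently named source package. A search by upstream name is worth doing before this sticks; if a source package exists, the entry should be a package line recording the fixed version or `<not-affected>` rather than `NOT-FOR-US: lilconfig`.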
@@ -231,7 +231,7 @@ CVE-2024-10005 (A vulnerability was identified in Consul and Consul Enterprise (
- consul <removed>
[bullseye] - consul <end-of-life> (bug #1057418)
CVE-2023-52066 (http.zig commit 76cf5 was discovered to contain a CRLF injection vulne ...)
- TODO: check
+ NOT-FOR-US: http.zig
CVE-2024-9419 (Client / Server PCs with the HP Smart Universal Printing Driver instal ...)
NOT-FOR-US: HP
CVE-2024-9388 (The Black Widgets For Elementor plugin for WordPress is vulnerable to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c794bef97f824afb02ce272336979c733fc16a2c