[Git][security-tracker-team/security-tracker][master] 3 commits: Process new mattermost-server issue

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 9 20:23:58 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f9d6909f by Salvatore Bonaccorso at 2024-11-09T21:21:48+01:00
Process new mattermost-server issue

- - - - -
6d3b875c by Salvatore Bonaccorso at 2024-11-09T21:23:23+01:00
Process some NFUs

- - - - -
af85a4d7 by Salvatore Bonaccorso at 2024-11-09T21:23:37+01:00
Process new mattermost-server issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,211 +1,211 @@
 CVE-2024-52032 (Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to prop ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-51787 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51786 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51785 (Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Sol ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51784 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51783 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51781 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51780 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51779 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51778 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51776 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51763 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51762 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51761 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51760 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51759 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51719 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51718 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51717 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51716 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51714 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51713 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51712 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51711 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51710 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51709 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51708 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51707 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51706 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51705 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51704 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51703 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51702 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51701 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51699 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51698 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51697 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51696 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51695 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51694 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51693 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51692 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51691 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51690 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51689 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51676 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51675 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51674 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51673 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51670 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51668 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51664 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51663 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51662 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51647 (Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51630 (Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Respons ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51629 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51628 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51627 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51625 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51623 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51622 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51621 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51620 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51619 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51618 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51616 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51614 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51613 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51612 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51611 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51610 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51608 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51607 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51606 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51605 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51604 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51603 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51602 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51601 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51599 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51598 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51597 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51596 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51595 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51594 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51593 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51592 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51591 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51590 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51589 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51588 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51587 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51586 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51585 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51579 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51570 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-50544 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-50539 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-50524 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-42000 (Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-36250 (Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail toprote ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-10837 (The SysBasics Customize My Account for WooCommerce plugin for WordPres ...)
 	TODO: check
 CVE-2024-10676 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
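Review bot: CVE-2024-10837, in the trailing context of this hunk, is still at "TODO: check" although its visible description reads "plugin for WordPres ...", which puts it in the same class as the entries above that were just marked "NOT-FOR-US: WordPress plugin". If it was skipped on purpose, for example because it belongs to a later triage batch, that is fine; otherwise it should get the same NOT-FOR-US line so the block leaves no open TODO. Separately, the NFU notes name only "WordPress plugin", and since the descriptions are truncated (CVE-2024-51785 shows only "I Thirteen Web Sol ..."), a reader of data/CVE/list cannot tell from the entry which plugin was ruled out.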
@@ -440,13 +440,13 @@ CVE-2024-8960 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is vul
 CVE-2024-8756 (The Quform - WordPress Form Builder plugin for WordPress is vulnerable ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-52314 (A data.all admin team member who has access to the customer-owned AWS  ...)
-	TODO: check
+	NOT-FOR-US: AWS data.all
 CVE-2024-52313 (An authenticated data.all user is able to manipulate a getDataset quer ...)
-	TODO: check
+	NOT-FOR-US: AWS data.all
 CVE-2024-52312 (Due to inconsistent authorization permissions, data.all may allow an e ...)
-	TODO: check
+	NOT-FOR-US: AWS data.all
 CVE-2024-52311 (Authentication tokens issued via Cognito in data.all are not invalidat ...)
-	TODO: check
+	NOT-FOR-US: AWS data.all
 CVE-2024-52009 (Atlantis is a self-hosted golang application that listens for Terrafor ...)
 	NOT-FOR-US: Atlantis
 CVE-2024-52007 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0a1a9f9d00b685a3f10061fad6b48c65ad79e281...af85a4d71fd2c95febc0f8517ce9b25154aa5fcf
