[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 19 20:27:25 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
281b172f by Salvatore Bonaccorso at 2024-11-19T21:26:35+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -226,9 +226,9 @@ CVE-2024-52395 (Missing Authorization vulnerability in QunatumCloud Floating But
 CVE-2024-52388 (Cross-Site Request Forgery (CSRF) vulnerability in Mike \u201cMikeage\ ...)
 	TODO: check
 CVE-2024-52360 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-52359 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-51938 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2024-51937 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -552,7 +552,7 @@ CVE-2024-51631 (Cross-Site Request Forgery (CSRF) vulnerability in Eftakhairul I
 CVE-2024-51617 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2024-51503 (A security agent manual scan command injection vulnerability in the Tr ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2024-50803 (The mediapool feature of the Redaxo Core CMS application v 5.17.1 is v ...)
 	TODO: check
 CVE-2024-50556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -656,7 +656,7 @@ CVE-2024-43338 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic, I
 CVE-2024-42450 (The Versa Director uses PostgreSQL (Postgres) to store operational and ...)
 	TODO: check
 CVE-2024-37070 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-31141 (Files or Directories Accessible to External Parties, Improper Privileg ...)
 	TODO: check
 CVE-2024-21697 (This High severity RCE (Remote Code Execution) vulnerability was intro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/281b172f6a38773581c1a9098f2d29ad2fc31ada

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/281b172f6a38773581c1a9098f2d29ad2fc31ada
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241119/a6b908ad/attachment.htm>

More information about the debian-security-tracker-commits mailing list