[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Nov 26 20:26:01 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
802a0487 by Salvatore Bonaccorso at 2024-11-26T21:25:39+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-9929 (A vulnerability exists in NSD570 that allows any authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2024-9928 (A vulnerability exists in NSD570 login panel that does not restrict ex ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2024-9461 (The Total Upkeep \u2013 WordPress Backup Plugin plus Restore & Migrate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9170 (The Booster for WooCommerce plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8899 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8676 (A vulnerability was found in CRI-O, where it can be requested to take  ...)
 	TODO: check
 CVE-2024-8237 (A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ...)
 	TODO: check
 CVE-2024-8236 (The Elementor Website Builder \u2013 More than Just a Page Builder plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8177 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-8114 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
@@ -23,15 +23,15 @@ CVE-2024-53976 (Under certain circumstances, navigating to a webpage would resul
 CVE-2024-53975 (Accessing a non-secure HTTP site that uses a non-existent port may cau ...)
 	TODO: check
 CVE-2024-53844 (E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect  ...)
-	TODO: check
+	NOT-FOR-US: E.D.D.I (Enhanced Dialog Driven Interface)
 CVE-2024-53620 (A cross-site scripting (XSS) vulnerability in the Article module of SP ...)
 	TODO: check
 CVE-2024-53619 (An authenticated arbitrary file upload vulnerability in the Documents  ...)
 	TODO: check
 CVE-2024-53555 (A CSV injection vulnerability in Taiga v6.8.1 allows attackers to exec ...)
-	TODO: check
+	NOT-FOR-US: Taiga
 CVE-2024-53365 (A stored cross-site scripting (XSS) vulnerability was identified in PH ...)
-	TODO: check
+	NOT-FOR-US: PHPGURUKUL Vehicle Parking Management System
 CVE-2024-53267 (sigstore-java is a sigstore java client for interacting with sigstore  ...)
 	TODO: check
 CVE-2024-52337 (A log spoofing flaw was found in the Tuned package due to improper san ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/802a0487e724ae8dc898b47cbee07b9e47e36eff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/802a0487e724ae8dc898b47cbee07b9e47e36eff
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241126/f79ac7a2/attachment.htm>
