[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 29 21:02:45 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
493bab51 by Salvatore Bonaccorso at 2024-11-29T22:02:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,23 +29,23 @@ CVE-2024-52809 (vue-i18n  is an internationalization plugin for Vue.js. In affec
 CVE-2024-52801 (sftpgo is a full-featured and highly configurable event-driven file tr ...)
 	- sftpgo <itp> (bug #1050829)
 CVE-2024-52800 (veraPDF is an open source PDF/A validation library. Executing policy c ...)
-	TODO: check
+	NOT-FOR-US: veraPDF-library
 CVE-2024-52782 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52781 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52780 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52779 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52778 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52777 (DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, an ...)
-	TODO: check
+	NOT-FOR-US: DCME
 CVE-2024-52003 (Traefik (pronounced traffic) is an HTTP reverse proxy and load balance ...)
 	TODO: check
 CVE-2024-50357 (FutureNet NXR series routers provided by Century Systems Co., Ltd. hav ...)
-	TODO: check
+	NOT-FOR-US: FutureNet NXR series routers
 CVE-2024-49806 (IBM Security Verify Access Appliance 10.0.0 through 10.0.8   contains  ...)
 	NOT-FOR-US: IBM
 CVE-2024-49805 (IBM Security Verify Access Appliance 10.0.0 through 10.0.8   contains  ...)
@@ -55,25 +55,25 @@ CVE-2024-49804 (IBM Security Verify Access Appliance 10.0.0 through 10.0.8   cou
 CVE-2024-49803 (IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow ...)
 	NOT-FOR-US: IBM
 CVE-2024-49360 (Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit  ...)
-	TODO: check
+	NOT-FOR-US: Sandboxie
 CVE-2024-48406 (Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and f ...)
-	TODO: check
+	NOT-FOR-US: SunBK201 umicat
 CVE-2024-47193 (WithSecure Elements Agent for Mac before 24.3, MDR before 24.3, and El ...)
-	TODO: check
+	NOT-FOR-US: WithSecure
 CVE-2024-47094 (Insertion of Sensitive Information into Log File in Checkmk GmbH's Che ...)
 	TODO: check
 CVE-2024-36671 (nodemcu before v3.0.0-release_20240225 was discovered to contain an in ...)
-	TODO: check
+	NOT-FOR-US: nodemcu
 CVE-2024-36626 (In prestashop 8.1.4, a NULL pointer dereference was identified in the  ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2024-36625 (Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the replace_ ...)
-	TODO: check
+	NOT-FOR-US: Zulip
 CVE-2024-36624 (Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the construc ...)
-	TODO: check
+	NOT-FOR-US: Zulip
 CVE-2024-36623 (moby v25.0.3 has a Race Condition vulnerability in the streamformatter ...)
 	TODO: check
 CVE-2024-36622 (In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnera ...)
-	TODO: check
+	NOT-FOR-US: RaspAP raspap-webgui
 CVE-2024-36621 (moby v25.0.5 is affected by a Race Condition in builder/builder-next/a ...)
 	TODO: check
 CVE-2024-36620 (moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via d ...)
@@ -89,13 +89,13 @@ CVE-2024-36616 (An integer overflow in the component /libavformat/westwood_vqa.c
 CVE-2024-36615 (FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. Thi ...)
 	TODO: check
 CVE-2024-36612 (Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the hand ...)
-	TODO: check
+	NOT-FOR-US: Zulip
 CVE-2024-36611 (In Symfony v7.07, a security vulnerability was identified in the FormL ...)
 	TODO: check
 CVE-2024-36610 (A deserialization vulnerability exists in the Stub class of the VarDum ...)
 	TODO: check
 CVE-2024-35371 (Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization f ...)
-	TODO: check
+	NOT-FOR-US: Ant-Media-Server
 CVE-2024-35369 (In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c m ...)
 	TODO: check
 CVE-2024-35368 (FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/493bab51cd1568fff7c688a0ec371008c9e04cb6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/493bab51cd1568fff7c688a0ec371008c9e04cb6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241129/8bbba858/attachment.htm>

More information about the debian-security-tracker-commits mailing list