[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 29 22:02:02 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d1679972 by Salvatore Bonaccorso at 2024-11-29T23:01:33+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -117,9 +117,9 @@ CVE-2024-35366 (FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in t
- ffmpeg 7:7.0.1-3
NOTE: https://github.com/ffmpeg/ffmpeg/commit/0bed22d597b78999151e3bde0768b7fe763fc2a6 (n7.0)
CVE-2024-11992 (Absolute path traversal vulnerability in Quick.CMS, version 6.7, the e ...)
- TODO: check
+ NOT-FOR-US: Quick.CMS
CVE-2024-11990 (A Cross-Site Scripting (XSS) vulnerability in SurgeMail v78c2 could al ...)
- TODO: check
+ NOT-FOR-US: SurgeMail
CVE-2024-XXXX [ruzstd uninit and out-of-bounds memory reads]
- rust-ruzstd <not-affected> (Only affects 0.7.x)
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0400.html
@@ -152993,7 +152993,7 @@ CVE-2023-0210 (A bug affects the Linux kernel\u2019s ksmbd NTLMv2 authentication
NOTE: https://git.kernel.org/linus/797805d81baa814f76cf7bdab35f86408a79d707
NOTE: https://www.openwall.com/lists/oss-security/2023/01/04/1
CVE-2023-0163 (Improperly Controlled Modification of Object Prototype Attributes ('Pr ...)
- TODO: check
+ NOT-FOR-US: Mozilla Convict
CVE-2023-0162 (The CPO Companion plugin for WordPress is vulnerable to Stored Cross-S ...)
NOT-FOR-US: CPO Companion plugin for WordPress
CVE-2023-0161
@@ -475389,14 +475389,14 @@ CVE-2018-9379
CVE-2018-9378
RESERVED
CVE-2018-9377 (In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9376
RESERVED
NOT-FOR-US: Android
CVE-2018-9375
RESERVED
CVE-2018-9374 (In installPackageLI of PackageManagerService.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9373
RESERVED
CVE-2018-9372 (In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out ...)
@@ -475437,17 +475437,17 @@ CVE-2018-9356 (In bnep_data_ind of bnep_main.c, there is a possible remote code
CVE-2018-9355 (In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of boun ...)
NOT-FOR-US: Android
CVE-2018-9354 (In VideoFrameScheduler.cpp of VideoFrameScheduler::PLL::fit, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9353 (In ihevcd_parse_slice_data of ihevcd_parse_slice.c there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9352 (In ihevcd_allocate_dynamic_bufs of ihevcd_api.c there is a possible re ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9351 (In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9350 (In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9349 (In mv_err_cost of mcomp.c there is a possible out of bounds read due t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9348 (In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overfl ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9347 (In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1679972977093822338b7a4ec13cec733a0b66b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1679972977093822338b7a4ec13cec733a0b66b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241129/9d6481c3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list