[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Oct 1 07:58:49 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c12bc22c by Moritz Muehlenhoff at 2024-10-01T08:58:29+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-9158 (A stored cross site scripting vulnerability exists in Nessus Network M ...)
-	TODO: check
+	NOT-FOR-US: Nessus
 CVE-2024-6394 (A Local File Inclusion vulnerability exists in parisneo/lollms-webui v ...)
 	NOT-FOR-US: parisneo/lollms-webui
 CVE-2024-6051 (Cross Application Scripting vulnerability in Vercom S.A. Redlink SDKin ...)
@@ -7,17 +7,17 @@ CVE-2024-6051 (Cross Application Scripting vulnerability in Vercom S.A. Redlink
 CVE-2024-47641 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-47536 (Citizen is a MediaWiki skin that makes extensions part of the cohesive ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki skin
 CVE-2024-47532 (RestrictedPython is a restricted execution environment for Python to r ...)
 	- restrictedpython <unfixed>
 	NOTE: https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h
 	NOTE: Fixed by: https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6 (7.3)
 CVE-2024-47531 (Scout is a web-based visualizer for VCF-files. Due to the lack of sani ...)
-	TODO: check
+	NOT-FOR-US: Scout
 CVE-2024-47530 (Scout is a web-based visualizer for VCF-files. Open redirect vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Scout
 CVE-2024-47178 (basic-auth-connect is Connect's Basic Auth middleware in its own modul ...)
-	TODO: check
+	NOT-FOR-US: basic-auth-connect
 CVE-2024-47172 (Computer Vision Annotation Tool (CVAT) is an interactive video and ima ...)
 	NOT-FOR-US: Computer Vision Annotation Tool (CVAT)
 CVE-2024-47067 (AList is a file list program that supports multiple storages. AList co ...)
@@ -49,7 +49,7 @@ CVE-2024-46280 (PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper A
 CVE-2024-45993 (Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2 ...)
 	TODO: check
 CVE-2024-45920 (A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 al ...)
-	TODO: check
+	NOT-FOR-US: Solvait
 CVE-2024-45792 (Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a ...)
 	- mantis <removed>
 CVE-2024-42017 (An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c12bc22c8557a6fb86ee6700919e19840b698c2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c12bc22c8557a6fb86ee6700919e19840b698c2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241001/9466f9e0/attachment.htm>


More information about the debian-security-tracker-commits mailing list