[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Oct 4 12:32:45 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d47b9fd5 by Moritz Muehlenhoff at 2024-10-04T13:32:27+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84,7 +84,7 @@ CVE-2024-47618 (Sulu is a PHP content management system. Sulu is vulnerable agai
 CVE-2024-47617 (Sulu is a PHP content management system. This vulnerability allows an  ...)
 	NOT-FOR-US: Sulu
 CVE-2024-47614 (async-graphql is a GraphQL server library implemented in Rust. async-g ...)
-	TODO: check
+	NOT-FOR-US: async-graphql
 CVE-2024-47561 (Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous vers ...)
 	NOT-FOR-US: Apache Avro
 CVE-2024-47554 (Uncontrolled Resource Consumption vulnerability in Apache Commons IO.  ...)
@@ -384,7 +384,7 @@ CVE-2024-45186 (FileSender before 2.49 allows server-side template injection (SS
 CVE-2024-33662 (Portainer before 2.20.2 improperly uses an encryption algorithm in the ...)
 	NOT-FOR-US: Portainer
 CVE-2024-21530 (Versions of the package cocoon before 0.4.0 are vulnerable to Reusing  ...)
-	TODO: check
+	NOT-FOR-US: Rust crate cocoon
 CVE-2024-47609 (Tonic is a native gRPC client & server implementation with async/await ...)
 	- rust-tonic <not-affected> (Only affects 0.12.2)
 	NOTE: https://github.com/hyperium/tonic/security/advisories/GHSA-4jwc-w2hc-78qv
@@ -246723,7 +246723,7 @@ CVE-2021-3667 (An improper locking issue was found in the virStoragePoolLookupBy
 CVE-2021-37578 (Apache jUDDI uses several classes related to Java's Remote Method Invo ...)
 	NOT-FOR-US: Apache jUDDI
 CVE-2021-37577 (Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple P ...)
-	TODO: check
+	NOT-FOR-US: Bluetooth standard
 CVE-2021-37575
 	RESERVED
 CVE-2021-37574



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47b9fd5ac24f531894b4c5f4f68931715d9b835

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47b9fd5ac24f531894b4c5f4f68931715d9b835
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241004/ec8621d1/attachment.htm>

More information about the debian-security-tracker-commits mailing list