[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f464f0ea by Salvatore Bonaccorso at 2024-10-16T07:50:04+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -48,27 +48,27 @@ CVE-2024-48948 (The Elliptic package 6.5.7 for Node.js, in its for ECDSA impleme
 	NOTE: https://github.com/indutny/elliptic/issues/321
 	NOTE: https://github.com/indutny/elliptic/pull/322
 CVE-2024-48915 (Agent Dart is an agent library built for Internet Computer for Dart an ...)
-	TODO: check
+	NOT-FOR-US: Agent Dart
 CVE-2024-48914 (Vendure is an open-source headless commerce platform. Prior to version ...)
-	TODO: check
+	NOT-FOR-US: Vendure
 CVE-2024-48913 (Hono, a web framework, prior to version 4.6.5 is vulnerable to bypass  ...)
-	TODO: check
+	NOT-FOR-US: Hono
 CVE-2024-48624 (In segments\edit.php of DomainMOD below v4.12.0, the segid parameter i ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2024-48623 (In queue\index.php of DomainMOD below v4.12.0, the list_id and domain_ ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2024-48622 (A cross-site scripting (XSS) issue in DomainMOD below v4.12.0 allows r ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2024-48283 (Phpgurukul User Registration & Login and User Management System 3.2 is ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-48282 (A SQL Injection vulnerability was found in /password-recovery.php of P ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-48280 (A SQL Injection vulnerability was found in /search-result.php of PHPGu ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-48279 (A HTML Injection vulnerability was found in /search-result.php of PHPG ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-48278 (Phpgurukul User Registration & Login and User Management System 3.2 is ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-47945 (The devices are vulnerable to session hijacking due to insufficient  e ...)
 	TODO: check
 CVE-2024-47944 (The device directly executes .patch firmware upgrade files on a USB st ...)
@@ -76,7 +76,7 @@ CVE-2024-47944 (The device directly executes .patch firmware upgrade files on a
 CVE-2024-47943 (The firmware upgrade function in the admin web interface of the Rittal ...)
 	TODO: check
 CVE-2024-47876 (Sakai is a Collaboration and Learning Environment. Starting in version ...)
-	TODO: check
+	NOT-FOR-US: Sakai
 CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) framework ...)
 	TODO: check
 CVE-2024-47824 (matrix-react-sdk is react-based software development kit for inserting ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f464f0eac5fdbec6b1696f8c4a06a7aa08603370

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f464f0eac5fdbec6b1696f8c4a06a7aa08603370
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241016/98a78495/attachment-0001.htm>