[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 16 17:49:27 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48cd6857 by Moritz Mühlenhoff at 2024-10-16T09:43:20+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84,11 +84,11 @@ CVE-2024-48279 (A HTML Injection vulnerability was found in /search-result.php o
 CVE-2024-48278 (Phpgurukul User Registration & Login and User Management System 3.2 is ...)
 	NOT-FOR-US: Phpgurukul User Registration & Login and User Management System
 CVE-2024-47945 (The devices are vulnerable to session hijacking due to insufficient  e ...)
-	TODO: check
+	NOT-FOR-US: Rittal
 CVE-2024-47944 (The device directly executes .patch firmware upgrade files on a USB st ...)
-	TODO: check
+	NOT-FOR-US: Rittal
 CVE-2024-47943 (The firmware upgrade function in the admin web interface of the Rittal ...)
-	TODO: check
+	NOT-FOR-US: Rittal
 CVE-2024-47876 (Sakai is a Collaboration and Learning Environment. Starting in version ...)
 	NOT-FOR-US: Sakai
 CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) framework ...)
@@ -96,13 +96,13 @@ CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) fra
 	NOTE: https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw
 	NOTE: https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 (0.40.0)
 CVE-2024-47824 (matrix-react-sdk is react-based software development kit for inserting ...)
-	TODO: check
+	NOT-FOR-US: matrix-react-sdk
 CVE-2024-47779 (Element is a Matrix web client built using the Matrix React SDK .Eleme ...)
-	TODO: check
+	- element-web <itp> (bug #866502)
 CVE-2024-47771 (Element Desktop is a Matrix client for desktop platforms. Element Desk ...)
 	TODO: check
 CVE-2024-47080 (matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeS ...)
-	TODO: check
+	NOT-FOR-US: matrix-js-sdk
 CVE-2024-45276 (An unauthenticated remote attacker can get read access to files in the ...)
 	TODO: check
 CVE-2024-45275 (The devices contain two hard coded user accounts with hardcoded passwo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48cd6857c88b7b0bb8a29396c66706ea39b1cab2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48cd6857c88b7b0bb8a29396c66706ea39b1cab2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241016/83c9497a/attachment.htm>

More information about the debian-security-tracker-commits mailing list