[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Thu Oct 24 06:24:02 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
778fb2c7 by Salvatore Bonaccorso at 2024-10-24T07:23:43+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2024-50050 (Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f
 CVE-2024-49756 (AshPostgres is the PostgreSQL data layer for Ash Framework. Starting i ...)
 	TODO: check
 CVE-2024-49751 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
-	TODO: check
+	NOT-FOR-US: Press app for Frappe
 CVE-2024-49701 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	NOT-FOR-US: WordPress theme
 CVE-2024-49690 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
@@ -41,9 +41,9 @@ CVE-2024-49652 (Unrestricted Upload of File with Dangerous Type vulnerability in
 CVE-2024-49370 (Pimcore is an open source data and experience management platform. Whe ...)
 	NOT-FOR-US: Pimcore
 CVE-2024-48964 (The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection w ...)
-	TODO: check
+	NOT-FOR-US: Snyk
 CVE-2024-48963 (The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection w ...)
-	TODO: check
+	NOT-FOR-US: Snyk
 CVE-2024-47904 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
 	NOT-FOR-US: Siemens
 CVE-2024-47903 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
@@ -219064,9 +219064,9 @@ CVE-2022-23864
 CVE-2022-23863 (Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authen ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2022-23862 (A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Bu ...)
-	TODO: check
+	NOT-FOR-US: Y Soft SAFEQ
 CVE-2022-23861 (Multiple Stored Cross-Site Scripting vulnerabilities were discovered i ...)
-	TODO: check
+	NOT-FOR-US: Y Soft SAFEQ
 CVE-2022-23860
 	RESERVED
 CVE-2022-23859



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/778fb2c767d640c6e9ba4e69dce734b79df4b389

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/778fb2c767d640c6e9ba4e69dce734b79df4b389
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241024/7ea45196/attachment-0001.htm>
