[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aadd7334 by Salvatore Bonaccorso at 2024-10-28T09:29:13+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2024-9162 (The All-in-One WP Migration and Backup plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-50624 (ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle at ...)
 	TODO: check
 CVE-2024-50623 (In Cleo Harmony before 5.8.0.20, VLTrader before 5.8.0.20, and LexiCom ...)
-	TODO: check
+	NOT-FOR-US: Cleo
 CVE-2024-50616 (Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated ...)
-	TODO: check
+	NOT-FOR-US: Ironman PowerShell Universal
 CVE-2024-50615 (TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit,  ...)
 	TODO: check
 CVE-2024-50614 (TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, tha ...)
@@ -15,37 +15,37 @@ CVE-2024-50613 (libsndfile through 1.2.2 has a reachable assertion, that may lea
 CVE-2024-50612 (libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out ...)
 	TODO: check
 CVE-2024-50611 (CycloneDX cdxgen through 10.10.7, when run against an untrusted codeba ...)
-	TODO: check
+	NOT-FOR-US: CycloneDX cdxgen
 CVE-2024-50610 (GSL (GNU Scientific Library) through 2.8 has an integer signedness err ...)
 	TODO: check
 CVE-2024-50307 (Use of potentially dangerous function issue exists in Chatwork Desktop ...)
-	TODO: check
+	NOT-FOR-US: Chatwork Desktop Application
 CVE-2024-38821 (Spring WebFlux applications that have Spring Security authorization ru ...)
 	TODO: check
 CVE-2024-23843 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Genians
 CVE-2024-10440 (The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing  ...)
-	TODO: check
+	NOT-FOR-US: eHDR CTMS from Sunnet
 CVE-2024-10439 (The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDO ...)
-	TODO: check
+	NOT-FOR-US: eHDR CTMS from Sunnet
 CVE-2024-10438 (The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability,  ...)
-	TODO: check
+	NOT-FOR-US: eHDR CTMS from Sunnet
 CVE-2024-10435 (A vulnerability was found in didi Super-Jacoco 1.0. It has been declar ...)
-	TODO: check
+	NOT-FOR-US: didi Super-Jacoco
 CVE-2024-10434 (A vulnerability was found in Tenda AC1206 up to 20241027. It has been  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-10433 (A vulnerability was found in Project Worlds Simple Web-Based Chat Appl ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds Simple Web-Based Chat Application
 CVE-2024-10432 (A vulnerability has been found in Project Worlds Simple Web-Based Chat ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds Simple Web-Based Chat Application
 CVE-2024-10431 (A vulnerability, which was classified as critical, was found in Codezi ...)
-	TODO: check
+	NOT-FOR-US: Codezips Pet Shop Management System
 CVE-2024-10430 (A vulnerability, which was classified as critical, has been found in C ...)
-	TODO: check
+	NOT-FOR-US: Codezips Pet Shop Management System
 CVE-2024-10429 (A vulnerability classified as critical has been found in WAVLINK WN530 ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2024-10428 (A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up ...)
-	TODO: check
+	NOT-FOR-US: WAVLINK
 CVE-2024-50067 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/373b9338c9722a368925d83bc622c596896b328e (6.12-rc5)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aadd733472e06bab1374e58650869d3ded3d62b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aadd733472e06bab1374e58650869d3ded3d62b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241028/19277c72/attachment.htm>