[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d5ab6ee by Moritz Muehlenhoff at 2024-10-30T11:25:57+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -109,15 +109,15 @@ CVE-2024-48572 (A User enumeration vulnerability in AquilaCMS 1.409.20 and prior
 CVE-2024-48461 (Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v ...)
 	NOT-FOR-US: TeslaLogger Admin Panel
 CVE-2024-48206 (A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.po ...)
-	TODO: check
+	NOT-FOR-US: chainer
 CVE-2024-48138 (A remote code execution (RCE) vulnerability in the component /PluXml/c ...)
-	TODO: check
+	- pluxml <removed>
 CVE-2024-48063 (In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE.)
 	TODO: check
 CVE-2024-44081 (In Jitsi Meet before 2.0.9779, the functionality to share a video file ...)
-	TODO: check
+	- jitsi-meet <itp> (bug #760485)
 CVE-2024-44080 (In Jitsi Meet before 2.0.9779, the functionality to share an image usi ...)
-	TODO: check
+	- jitsi-meet <itp> (bug #760485)
 CVE-2024-10509 (A vulnerability, which was classified as critical, has been found in C ...)
 	NOT-FOR-US: Codezips Online Institute Management System
 CVE-2024-10507 (A vulnerability classified as critical was found in Codezips Free Exam ...)
@@ -127,7 +127,7 @@ CVE-2024-10506 (A vulnerability classified as critical has been found in code-pr
 CVE-2024-10505 (A vulnerability was found in wuzhicms 4.1.0. It has been classified as ...)
 	NOT-FOR-US: wuzhicms
 CVE-2024-10503 (A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and c ...)
-	TODO: check
+	NOT-FOR-US: Klokan MapTiler tileserver-gl
 CVE-2024-10502 (A vulnerability has been found in ESAFENET CDG 5 and classified as cri ...)
 	NOT-FOR-US: ESAFENET CDG 5
 CVE-2024-10501 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
@@ -137,7 +137,7 @@ CVE-2024-10500 (A vulnerability, which was classified as critical, has been foun
 CVE-2024-10399 (The Download Monitor plugin for WordPress is vulnerable to unauthorize ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10228 (The Vagrant VMWare Utility Windows installer targeted a custom locatio ...)
-	TODO: check
+	NOT-FOR-US: Vagrant VMWare Utility Windows installer
 CVE-2024-10223 (The WP Team \u2013 WordPress Team Member Plugin plugin for WordPress i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10108 (The WPAdverts \u2013 Classifieds Plugin plugin for WordPress is vulner ...)
@@ -388,9 +388,10 @@ CVE-2024-22066 (There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V
 CVE-2024-10491 (A vulnerability has been identified in the Express response.linksfunct ...)
 	TODO: check
 CVE-2024-10474 (Focus was incorrectly allowing internal links to utilize the app schem ...)
-	TODO: check
+	- firefox <not-affected> (Only affects Firefox Focus for Android)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-60/
 CVE-2024-10452 (Organization admins can delete pending invites created in an organizat ...)
-	TODO: check
+	- grafana <removed>
 CVE-2024-10437 (The WPC Smart Messages for WooCommerce plugin for WordPress is vulnera ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-10436 (The WPC Smart Messages for WooCommerce plugin for WordPress is vulnera ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d5ab6ee1bab07cb72d40cad5c14b960d120685c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d5ab6ee1bab07cb72d40cad5c14b960d120685c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241030/8aa182db/attachment.htm>