[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcc3b2fa by Moritz Muehlenhoff at 2024-09-05T11:22:05+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2024-8178 (The ctl_write_buffer and ctl_read_buffer functions allocated memory to ...)
 	TODO: check
 CVE-2024-7627 (The Bit File Manager plugin for WordPress is vulnerable to Remote Code ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6846 (The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6835 (The Ivory Search \u2013 WordPress Search Plugin plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45692 (Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traff ...)
-	TODO: check
+	- webmin <removed>
 CVE-2024-45429 (Cross-site scripting vulnerability exists in Advanced Custom Fields ve ...)
 	TODO: check
 CVE-2024-45399 (Indico is an event management system that uses Flask-Multipass, a mult ...)
@@ -63,7 +63,7 @@ CVE-2024-8407 (A vulnerability was found in alwindoss akademy up to 35caccea888e
 CVE-2024-8399 (Websites could utilize Javascript links to spoof URL addresses in the  ...)
 	TODO: check
 CVE-2024-8391 (In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not lim ...)
-	TODO: check
+	NOT-FOR-US: Eclipse Vertx
 CVE-2024-8325 (The Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Busi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8318 (The Attributes for Blocks plugin for WordPress is vulnerable to Stored ...)
@@ -89,7 +89,7 @@ CVE-2024-8102 (The The Ultimate WordPress Toolkit \u2013 WP Extended plugin for
 CVE-2024-7950 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7923 (An authentication bypass vulnerability has been identified in Pulpcore ...)
-	TODO: check
+	NOT-FOR-US: Pulpcore
 CVE-2024-7870 (The PixelYourSite \u2013 Your smart PIXEL (TAG) & API Manager and the  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7834 (A local privilege escalation is caused by Overwolf loading and executi ...)
@@ -105,17 +105,17 @@ CVE-2024-7077 (Improper Neutralization of Input During Web Page Generation ('Cro
 CVE-2024-7076 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2024-7012 (An authentication bypass vulnerability has been identified in Foreman  ...)
-	TODO: check
+	- foreman <itp> (bug #663101)
 CVE-2024-6926 (The Viral Signup  WordPress plugin through 2.1 does not properly sanit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6889 (The Secure Copy Content Protection and Content Locking WordPress plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6888 (The Secure Copy Content Protection and Content Locking WordPress plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6722 (The Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6020 (The Sign-up Sheets WordPress plugin before 2.2.13 does not escape some ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45507 (Server-Side Request Forgery (SSRF), Improper Control of Generation of  ...)
 	TODO: check
 CVE-2024-45450 (Permission control vulnerability in the software update module. Impact ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc3b2fa83e99f8a30e119325b82622e7c97adcc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc3b2fa83e99f8a30e119325b82622e7c97adcc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240905/2029e95d/attachment.htm>