[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 9 21:19:48 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec350ae1 by Salvatore Bonaccorso at 2024-09-09T22:19:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2024-8605 (A vulnerability classified as problematic was found in code-projects I ...)
-	TODO: check
+	NOT-FOR-US: code-projects Inventory Management
 CVE-2024-8604 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Food Ordering System
 CVE-2024-8601 (This vulnerability exists in TechExcel Back Office Software versions p ...)
-	TODO: check
+	NOT-FOR-US: TechExcel Back Office Software
 CVE-2024-8373 (Improper sanitization of the value of the [srcset] attribute in <sourc ...)
 	TODO: check
 CVE-2024-8372 (Improper sanitization of the value of the '[srcset]' attribute in Angu ...)
 	TODO: check
 CVE-2024-8042 (Rapid7 Insight Platform versions between November 2019 and August 14,  ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Insight Platform
 CVE-2024-7341 (A session fixation issue was discovered in the SAML adapters provided  ...)
 	TODO: check
 CVE-2024-7318 (A vulnerability was found in Keycloak. Expired OTP codes are still usa ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2024-7260 (An open redirect vulnerability was found in Keycloak. A specially craf ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2024-7015 (Improper Authentication, Missing Authentication for Critical Function, ...)
 	TODO: check
 CVE-2024-6796 (In Baxter Connex health portal released before 8/30/2024, an improper  ...)
@@ -27,7 +27,7 @@ CVE-2024-6572 (Improper host key checking in active check 'Check SFTP Service' a
 CVE-2024-45411 (Twig is a template language for PHP. Under some circumstances, the san ...)
 	TODO: check
 CVE-2024-45406 (Craft is a content management system (CMS). Craft CMS 5 stored XSS can ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2024-45296 (path-to-regexp turns path strings into a regular expressions. In certa ...)
 	TODO: check
 CVE-2024-45041 (External Secrets Operator is a Kubernetes operator that integrates ext ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec350ae1052348a6004792857748f0f942d0353f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec350ae1052348a6004792857748f0f942d0353f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240909/ca68c816/attachment.htm>

More information about the debian-security-tracker-commits mailing list