[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 23 21:40:02 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67cfca11 by Salvatore Bonaccorso at 2024-09-23T22:39:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2024-47069 (Oveleon Cookie Bar is a cookie bar is for the Contao Open Source
 CVE-2024-47068 (Rollup is a module bundler for JavaScript. Versions prior to 3.29.5 an ...)
 	TODO: check
 CVE-2024-47066 (Lobe Chat is an open-source artificial intelligence chat framework. Pr ...)
-	TODO: check
+	NOT-FOR-US: Lobe Chat
 CVE-2024-46997 (DataEase is an open source data visualization analysis tool. Prior to  ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2024-46985 (DataEase is an open source data visualization analysis tool. Prior to  ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2024-46639 (A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows  ...)
 	NOT-FOR-US: HelpDeskZ
 CVE-2024-46544 (Incorrect Default Permissions vulnerability in Apache Tomcat Connector ...)
@@ -32,31 +32,31 @@ CVE-2024-44540 (Ubiquiti AirMax firmware version firmware version 8 allows attac
 CVE-2024-43201 (The Planet Fitness Workouts iOS and Android mobile apps prior to versi ...)
 	NOT-FOR-US: Planet Fitness Workouts iOS and Android mobile apps
 CVE-2024-41228 (A symlink following vulnerability in the pouch cp function of AliyunCo ...)
-	TODO: check
+	NOT-FOR-US: AliyunContainerService
 CVE-2024-40442 (An issue in Doccano Open source annotation tools for machine learning  ...)
-	TODO: check
+	NOT-FOR-US: Doccano
 CVE-2024-40441 (An issue in Doccano Open source annotation tools for machine learning  ...)
-	TODO: check
+	NOT-FOR-US: Doccano
 CVE-2024-39843 (A SQL injection vulnerability in Centreon 24.04.2 allows a remote high ...)
 	TODO: check
 CVE-2024-39842 (A SQL injection vulnerability in Centreon 24.04.2 allows a remote high ...)
 	TODO: check
 CVE-2024-39342 (Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10 ...)
-	TODO: check
+	NOT-FOR-US: Entrust Instant Financial Issuance
 CVE-2024-39341 (Entrust Instant Financial Issuance (On Premise) Software (formerly kno ...)
-	TODO: check
+	NOT-FOR-US: Entrust Instant Financial Issuance
 CVE-2024-37779 (WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: WoodWing Elvis DAM
 CVE-2024-34331 (A lack of code signature verification in Parallels Desktop for Mac v19 ...)
-	TODO: check
+	NOT-FOR-US: Parallels Desktop
 CVE-2024-23972 (Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Co ...)
-	TODO: check
+	NOT-FOR-US: Sony XAV-AX5500 USB Configuration Descriptor
 CVE-2024-23934 (Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Cod ...)
-	TODO: check
+	NOT-FOR-US: Sony XAV-AX5500 WMV/ASF
 CVE-2024-23933 (Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Ex ...)
-	TODO: check
+	NOT-FOR-US: Sony XAV-AX5500 CarPlay TLV
 CVE-2024-23922 (Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Ex ...)
-	TODO: check
+	NOT-FOR-US: Sony XAV-AX5500
 CVE-2024-0005 (A condition exists in FlashArray and FlashBlade Purity whereby a malic ...)
 	TODO: check
 CVE-2024-0004 (A condition exists in FlashArray Purity whereby an user with array adm ...)
@@ -68,7 +68,7 @@ CVE-2024-0002 (A condition exists in FlashArray Purity whereby an attacker can e
 CVE-2024-0001 (A condition exists in FlashArray Purity whereby a local account intend ...)
 	TODO: check
 CVE-2023-46948 (A reflected Cross-Site Scripting (XSS) vulnerability was found on Teme ...)
-	TODO: check
+	NOT-FOR-US: Temenos T24 Browser
 CVE-2022-48945 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.1.4-1
 	[bullseye] - linux 5.10.178-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67cfca11a385c33000b188dc4b5f09f1c6d5565b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67cfca11a385c33000b188dc4b5f09f1c6d5565b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240923/43d951e5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list