[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 24 20:54:24 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03b55615 by Salvatore Bonaccorso at 2024-09-24T21:54:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2024-7018 (Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.
 	- chromium 124.0.6367.78-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-46957 (Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing  ...)
-	TODO: check
+	NOT-FOR-US: Mellium mellium.im/xmpp
 CVE-2024-39928 (In Apache Linkis <= 1.5.0, a Random string security vulnerability in S ...)
 	NOT-FOR-US: Apache Linkis
 CVE-2024-38269 (An improper restriction of operations within the bounds of a memory bu ...)
@@ -168,15 +168,15 @@ CVE-2024-23933 (Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote C
 CVE-2024-23922 (Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Ex ...)
 	NOT-FOR-US: Sony XAV-AX5500
 CVE-2024-0005 (A condition exists in FlashArray and FlashBlade Purity whereby a malic ...)
-	TODO: check
+	NOT-FOR-US: FlashArray and FlashBlade Purity
 CVE-2024-0004 (A condition exists in FlashArray Purity whereby an user with array adm ...)
-	TODO: check
+	NOT-FOR-US: FlashArray Purity
 CVE-2024-0003 (A condition exists in FlashArray Purity whereby a malicious user could ...)
-	TODO: check
+	NOT-FOR-US: FlashArray Purity
 CVE-2024-0002 (A condition exists in FlashArray Purity whereby an attacker can employ ...)
-	TODO: check
+	NOT-FOR-US: FlashArray Purity
 CVE-2024-0001 (A condition exists in FlashArray Purity whereby a local account intend ...)
-	TODO: check
+	NOT-FOR-US: FlashArray Purity
 CVE-2023-46948 (A reflected Cross-Site Scripting (XSS) vulnerability was found on Teme ...)
 	NOT-FOR-US: Temenos T24 Browser
 CVE-2022-48945 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
@@ -175082,7 +175082,7 @@ CVE-2022-2441 (The ImageMagick Engine plugin for WordPress is vulnerable to remo
 CVE-2022-2440 (The Theme Editor plugin for WordPress is vulnerable to deserialization ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2439 (The Easy Digital Downloads \u2013 Simple eCommerce for Selling Digital ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-2438 (The Broken Link Checker plugin for WordPress is vulnerable to deserial ...)
 	NOT-FOR-US: Broken Link Checker plugin for WordPress
 CVE-2022-2437 (The Feed Them Social \u2013 for Twitter feed, Youtube and more plugin  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b55615057e5c3d67042a927507d61035a4ca6e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b55615057e5c3d67042a927507d61035a4ca6e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240924/bb8483ba/attachment.htm>

More information about the debian-security-tracker-commits mailing list