[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 1 06:13:18 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18234012 by Salvatore Bonaccorso at 2025-02-01T07:12:56+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85,21 +85,21 @@ CVE-2025-0938 (The Python standard library functions `urllib.parse.urlsplit` and
 CVE-2025-0934 (A vulnerability was found in code-projects Job Recruitment 1.0. It has ...)
 	NOT-FOR-US: code-projects Job Recruitment
 CVE-2025-0930 (Reflected Cross-Site Scripting (XSS) in TeamCal Neo, version 3.8.2. Th ...)
-	TODO: check
+	NOT-FOR-US: TeamCal Neo
 CVE-2025-0929 (SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could  ...)
-	TODO: check
+	NOT-FOR-US: TeamCal Neo
 CVE-2024-57432 (macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The appl ...)
-	TODO: check
+	NOT-FOR-US: macrozheng mall-tiny
 CVE-2024-53584 (OpenPanel v0.3.4 was discovered to contain an OS command injection vul ...)
-	TODO: check
+	NOT-FOR-US: OpenPanel
 CVE-2024-53582 (An issue found in the Copy and View functions in the File Manager comp ...)
-	TODO: check
+	NOT-FOR-US: OpenPanel
 CVE-2024-53537 (An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a d ...)
-	TODO: check
+	NOT-FOR-US: OpenPanel
 CVE-2024-53320 (Qualisys C++ SDK commit a32a21a was discovered to contain multiple sta ...)
-	TODO: check
+	NOT-FOR-US: Qualisys C++ SDK
 CVE-2024-53319 (A heap buffer overflow in the XML Text Escaping component of Qualisys  ...)
-	TODO: check
+	NOT-FOR-US: Qualisys C++ SDK
 CVE-2024-49807 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)
 	NOT-FOR-US: IBM
 CVE-2024-49349 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
@@ -107,7 +107,7 @@ CVE-2024-49349 (IBM Financial Transaction Manager for SWIFT Services for Multipl
 CVE-2024-49339 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
 	NOT-FOR-US: IBM
 CVE-2024-47857 (SSH Communication Security PrivX versions between 18.0-36.0 implement  ...)
-	TODO: check
+	NOT-FOR-US: SSH Communication Security PrivX
 CVE-2024-47116 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)
 	NOT-FOR-US: IBM
 CVE-2024-47103 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)
@@ -117,25 +117,25 @@ CVE-2024-45650 (IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable
 CVE-2024-45089 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)
 	NOT-FOR-US: IBM
 CVE-2024-44055 (Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Mo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-42671 (A Host Header Poisoning Open Redirect issue in slabiak Appointment Sch ...)
-	TODO: check
+	NOT-FOR-US: slabiak Appointment Scheduler
 CVE-2024-40696 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)
 	NOT-FOR-US: IBM
 CVE-2024-13662 (The eHive Objects Image Grid plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13566 (The WP DataTable plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13472 (The The WooCommerce Product Table Lite plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13157 (The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by So ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12415 (The The AI Infographic Maker plugin for WordPress is vulnerable to arb ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12267 (The Drag and Drop Multiple File Upload \u2013 Contact Form 7 plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12037 (The Post Form \u2013 Registration Form \u2013 Profile Form for User Pr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11741 (Grafana is an open-source platform for monitoring and observability.   ...)
 	TODO: check
 CVE-2023-38739 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 throug ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/182340127a548d99b810af06a3c5e3be7d34a1ca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/182340127a548d99b810af06a3c5e3be7d34a1ca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250201/d7804bf1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list