[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 7 12:54:29 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8cca9556 by Moritz Muehlenhoff at 2025-01-07T13:47:54+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,11 +27,11 @@ CVE-2024-55553 (In FRRouting (FRR) before 10.3, it is possible for an attacker t
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b0800bfdf04b4fcf48504737ebfe4ba7f05268d3 (master)
 	NOTE: Fixed by: https://github.com/FRRouting/frr/commit/410eb0da69214a06350315575ddb332e363b66c6 (frr-10.2.1)
 CVE-2024-55076 (Grocy through 4.3.0 has no CSRF protection, as demonstrated by changin ...)
-	TODO: check
+	NOT-FOR-US: Grocy
 CVE-2024-55075 (Grocy through 4.3.0 allows remote attackers to obtain sensitive inform ...)
-	TODO: check
+	NOT-FOR-US: Grocy
 CVE-2024-55074 (The edit profile function of Grocy through 4.3.0 allows stored XSS and ...)
-	TODO: check
+	NOT-FOR-US: Grocy
 CVE-2024-54767 (An access control issue in the component /juis_boxinfo.xml of AVM FRIT ...)
 	NOT-FOR-US: AVM FRITZ!Box 7530 AX
 CVE-2024-54764 (An access control issue in the component /login/hostinfo2.cgi of ipTIM ...)
@@ -275,13 +275,13 @@ CVE-2025-21613 (go-git is a highly extensible git implementation library written
 	- golang-github-go-git-go-git <unfixed>
 	NOTE: https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m
 CVE-2025-21612 (TabberNeue is a MediaWiki extension that allows the wiki to create tab ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension TabberNeue
 CVE-2025-21611 (tgstation-server is a production scale tool for BYOND server managemen ...)
 	NOT-FOR-US: tgstation-server
 CVE-2025-21604 (LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) proje ...)
 	NOT-FOR-US: LangChain4j-AIDeepin
 CVE-2024-8474 (OpenVPN Connect before version 3.5.0 can contain the configuration pro ...)
-	TODO: check
+	NOT-FOR-US: OpenVPN Connect
 CVE-2024-56828 (File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the c ...)
 	NOT-FOR-US: ChestnutCMS
 CVE-2024-55629 (Suricata is a network Intrusion Detection System, Intrusion Prevention ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cca95562c528cbd4d6f1971a4290f155d862b19

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cca95562c528cbd4d6f1971a4290f155d862b19
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250107/f9c6ea31/attachment.htm>

More information about the debian-security-tracker-commits mailing list