[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11cb2027 by Moritz Muehlenhoff at 2025-01-24T09:45:10+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,23 +2,23 @@ CVE-2025-0577
 	- glibc <not-affected> (Doesn't affect any released version of glibc)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2338871
 CVE-2025-23012 (Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) ...)
-	TODO: check
+	NOT-FOR-US: Fedora Repository
 CVE-2025-23011 (Fedora Repository 3.8.1 allows path traversal when extracting uploaded ...)
-	TODO: check
+	NOT-FOR-US: Fedora Repository
 CVE-2025-0693 (Variable response times in the AWS Sign-in IAM user login flow allowed ...)
-	TODO: check
+	NOT-FOR-US: AWS
 CVE-2024-57556 (Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before ...)
-	TODO: check
+	NOT-FOR-US: nbubna
 CVE-2024-57386 (Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote  ...)
-	TODO: check
+	NOT-FOR-US: Wallos
 CVE-2024-57329 (HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant"  ...)
-	TODO: check
+	NOT-FOR-US: HortusFox
 CVE-2024-57328 (A SQL Injection vulnerability exists in the login form of Online Food  ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2024-57326 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in the sea ...)
-	TODO: check
+	NOT-FOR-US: Online Pizza Delivery System
 CVE-2024-55573 (An issue was discovered in Centreon centreon-web 24.10.x before 24.10. ...)
-	TODO: check
+	- centreon-web <itp> (bug #913903)
 CVE-2024-55195 (An allocation-size-too-big bug in the component /imagebuf.cpp of OpenI ...)
 	TODO: check
 CVE-2024-55194 (OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via  ...)
@@ -28,25 +28,25 @@ CVE-2024-55193 (OpenImageIO v3.1.0.0dev was discovered to contain a segmentation
 CVE-2024-55192 (OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via  ...)
 	TODO: check
 CVE-2024-53923 (An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04. ...)
-	TODO: check
+	- centreon-web <itp> (bug #913903)
 CVE-2024-53588 (A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to ex ...)
-	TODO: check
+	NOT-FOR-US: iTop VPN
 CVE-2024-53379 (Heap buffer overflow in the server site handshake implementation in Re ...)
-	TODO: check
+	NOT-FOR-US: SharkSSL
 CVE-2024-50665 (gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_ ...)
 	TODO: check
 CVE-2024-50664 (gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:17 ...)
 	TODO: check
 CVE-2024-13683 (The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13680 (The Form Builder CP plugin for WordPress is vulnerable to SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13659 (The Listamester plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-46401 (KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice add ...)
-	TODO: check
+	NOT-FOR-US: KWHotel
 CVE-2023-46400 (KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest f ...)
-	TODO: check
+	NOT-FOR-US: KWHotel
 CVE-2024-0149
 	- nvidia-graphics-drivers <unfixed> (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11cb2027f58467a97abb16d72c20c6a701b49f6a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11cb2027f58467a97abb16d72c20c6a701b49f6a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250124/4eb768b3/attachment-0001.htm>