[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 28 14:45:37 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00c6eff3 by Moritz Muehlenhoff at 2025-01-28T15:44:45+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -157,59 +157,59 @@ CVE-2024-56178 (An issue was discovered in Couchbase Server 7.6.x through 7.6.3.
 CVE-2024-54728 (Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.220 ...)
 	NOT-FOR-US: BYD QIN PLUS DM-i Dilink OS
 CVE-2024-54557 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54550 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54549 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54547 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54543 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54542 (An authentication issue was addressed with improved state management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54541 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54539 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54537 (This issue was addressed with additional entitlement checks. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54536 (The issue was addressed with improved validation of environment variab ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54530 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54523 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54522 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54520 (A path handling issue was addressed with improved validation. This iss ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54519 (The issue was resolved by sanitizing logging. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54518 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54517 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54516 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54512 (The issue was addressed by removing the relevant flags. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54509 (An out-of-bounds write issue was addressed with improved input validat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54507 (A type confusion issue was addressed with improved memory handling. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54499 (A use-after-free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54497 (The issue was addressed with improved checks. This issue is fixed in i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54488 (A logic issue was addressed with improved file handling. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54478 (An out-of-bounds access issue was addressed with improved bounds check ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54475 (A privacy issue was addressed with improved private data redaction for ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54468 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-53881 (NVIDIA vGPU software contains a vulnerability in the host driver, wher ...)
 	NOT-FOR-US: NVIDIA vGPU software
 CVE-2024-48662 (Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (47 ...)
@@ -219,7 +219,7 @@ CVE-2024-45340 (Credentials provided via the new GOAUTH feature were not being p
 CVE-2024-45339 (When logs are written to a widely-writable directory (the default), an ...)
 	TODO: check
 CVE-2024-44172 (A privacy issue was addressed with improved private data redaction for ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-37526 (IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization1.8, 2. ...)
 	NOT-FOR-US: IBM
 CVE-2024-28786 (IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in c ...)
@@ -239,17 +239,17 @@ CVE-2024-12807 (The Social Share Buttons for WordPress plugin through 2.7 does n
 CVE-2024-12723 (The Infility Global WordPress plugin through 2.9.8 does not sanitise a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-12649 (Buffer overflow in XPS data font processing of Small Office Multifunct ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2024-12648 (Buffer overflow in TIFF data EXIF tag processing of Small Office Multi ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2024-12647 (Buffer overflow in CPCA font download processing of Small Office Multi ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2024-11135 (The Eventer plugin for WordPress is vulnerable to SQL Injection via th ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0146 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
 	NOT-FOR-US: NVIDIA vGPU software
 CVE-2024-0140 (NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0137 (NVIDIA Container Toolkit contains an improper isolation vulnerability  ...)
 	NOT-FOR-US: NVIDIA Container Toolkit
 CVE-2024-0136 (NVIDIA Container Toolkit contains an improper isolation vulnerability  ...)
@@ -375,7 +375,7 @@ CVE-2025-23529 (Missing Authorization vulnerability in Blokhaus Minterpress allo
 CVE-2025-23457 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-23197 (matrix-hookshot is a Matrix bot for connecting to external services li ...)
-	TODO: check
+	NOT-FOR-US: matrix-hookshot
 CVE-2025-22604 (Cacti is an open source performance and fault management framework. Du ...)
 	- cacti <unfixed>
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c6eff3add0cfaeb6e48e1041678f496f1857fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c6eff3add0cfaeb6e48e1041678f496f1857fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250128/092c0d00/attachment.htm>

More information about the debian-security-tracker-commits mailing list