[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 28 21:10:48 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
befb8300 by Salvatore Bonaccorso at 2025-01-28T22:10:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77,13 +77,13 @@ CVE-2024-34732 (In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitr
 CVE-2024-23953 (Use of Arrays.equals() in LlapSignerImpl inApache Hive to compare mess ...)
 	TODO: check
 CVE-2024-13527 (The Philantro \u2013 Donations and Donor Management plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13484 (A flaw was found in ArgoCD. The openshift.io/cluster-monitoring label  ...)
-	TODO: check
+	NOT-FOR-US: ArgoCD
 CVE-2024-11956 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: Pimcore customer-data-framework
 CVE-2024-11954 (A vulnerability classified as problematic was found in Pimcore 11.4.2. ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2025-24810 (Cross-site scripting vulnerability exists in Simple Image Sizes 3.2.3  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-24369 (Anubis is a tool that allows administrators to protect bots against AI ...)
@@ -196212,7 +196212,7 @@ CVE-2022-3367
 CVE-2022-3366 (The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3365 (Due to reliance on a trivial substitution cipher, sent in cleartext, a ...)
-	TODO: check
+	NOT-FOR-US: Rapid7
 CVE-2022-3364 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
 	- rdiffweb <itp> (bug #969974)
 CVE-2022-3363 (Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2 ...)
@@ -223772,7 +223772,7 @@ CVE-2020-36524 (A vulnerability was found in Refined Toolkit. It has been rated
 CVE-2020-36523 (A vulnerability was found in PlantUML 6.43. It has been declared as pr ...)
 	NOT-FOR-US: Atlassian PlantUML plugin
 CVE-2022-31749 (An argument injection vulnerability in the diagnose and import pac com ...)
-	TODO: check
+	NOT-FOR-US: WatchGuard Fireware OS
 CVE-2022-31748 (Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon ...)
 	- firefox 101.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/#CVE-2022-31748



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/befb83004150d52993b2495d0e1be4c1bbc27e3e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/befb83004150d52993b2495d0e1be4c1bbc27e3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250128/21707fdd/attachment.htm>

More information about the debian-security-tracker-commits mailing list