[Git][security-tracker-team/security-tracker][master] Associate some old NFUs with itp'ed entry for gestioip

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e65ef1dd by Salvatore Bonaccorso at 2025-07-31T22:37:54+02:00
Associate some old NFUs with itp'ed entry for gestioip

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -136,7 +136,7 @@ CVE-2013-10042 (A stack-based buffer overflow vulnerability exists in freeFTPd v
 CVE-2013-10040 (ClipBucket version 2.6 and earlier contains a critical vulnerability i ...)
 	NOT-FOR-US: ClipBucket
 CVE-2013-10039 (A command injection vulnerability exists in GestioIP 3.0 commit ac67be ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2013-10038 (An unauthenticated arbitrary file upload vulnerability exists in Flash ...)
 	NOT-FOR-US: FlashChat
 CVE-2013-10037 (An OS command injection vulnerability exists in WebTester version 5.x  ...)
@@ -63403,17 +63403,17 @@ CVE-2024-54142 (Discourse AI is a Discourse plugin which provides a number of AI
 CVE-2024-53277 (Silverstripe Framework is a PHP framework which powers the Silverstrip ...)
 	NOT-FOR-US: Silverstripe framework
 CVE-2024-50861 (The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable t ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-50859 (The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Refl ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-50858 (Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Req ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-50857 (The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site S ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-4227 (In Genivia gSOAP with a specific configuration an unauthenticated remo ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-48760 (An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitr ...)
-	NOT-FOR-US: GestioIP
+	- gestioip <itp> (bug #742110)
 CVE-2024-47605 (silverstripe-asset-admin is a silverstripe assets gallery for asset ma ...)
 	NOT-FOR-US: silverstripe-asset-admin
 CVE-2024-45102 (A privilege escalation vulnerability was discovered that could allow a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e65ef1dd7af8d13cd9b1686352e8d4ec5c8984c7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e65ef1dd7af8d13cd9b1686352e8d4ec5c8984c7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250731/4cdbda4e/attachment.htm>