[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Followup fix for indentation
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 4 20:22:27 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
50233138 by Salvatore Bonaccorso at 2025-03-04T21:21:37+01:00
auto-nfu: Followup fix for indentation
- - - - -
c26c60c4 by Salvatore Bonaccorso at 2025-03-04T21:22:00+01:00
Process some NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -809,47 +809,47 @@ CVE-2024-53012 (Memory corruption may occur due to improper input validation in
CVE-2024-53011 (Information disclosure may occur due to improper permission and access ...)
TODO: check
CVE-2024-51966 (There is a path traversal vulnerability in ESRI ArcGIS Server versions ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51963 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51962 (A SQL injection vulnerability in ArcGIS Server allows an EDIToperation ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51961 (There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51960 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51959 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51958 (There is a path traversal vulnerability in ESRI ArcGIS Server versions ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51957 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51956 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51954 (There is an improper access control issue in ArcGIS Server versions 10 ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51953 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51952 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51951 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51950 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51949 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51948 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51947 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51946 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51945 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51944 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51942 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51091 (Cross Site Scripting vulnerability in seajs v.2.2.3 allows a remote at ...)
TODO: check
CVE-2024-49836 (Memory corruption may occur during the synchronization of the camera`s ...)
@@ -885,7 +885,7 @@ CVE-2024-38426 (While processing the authentication message in UE, improper auth
CVE-2024-30154 (HCL SX is vulnerable to cross-site request forgery vulnerability which ...)
TODO: check
CVE-2024-10904 (There is a stored Cross-site Scripting vulnerability in ArcGIS Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2023-49031 (Directory Traversal (Local File Inclusion) vulnerability in Tikit (now ...)
TODO: check
CVE-2024-24778 (Improper privilege management in a REST interface allowed registered u ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -25,7 +25,7 @@
allOf:
- cna: adobe
- not:
- product: XMP Toolkit
+ product: XMP Toolkit
# Description based rules
- reason: D-Link
description: '.*\b(?i: d-link)\b.*'
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5fe41558e60490f2a1f71d694139bf7c7111b37...c26c60c4bb811f8b8738f59831d4d67134cd95ae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5fe41558e60490f2a1f71d694139bf7c7111b37...c26c60c4bb811f8b8738f59831d4d67134cd95ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250304/ca5ceaa0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list