[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 11 Feb 2024 12:22:57 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
daef7225 by Salvatore Bonaccorso at 2024-02-11T21:21:15+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2024-25722 (qanything_kernel/connector/database/mysql/mysql_client.py in 
qanything ...)
-       TODO: check
+       NOT-FOR-US: qanything.ai QAnything
 CVE-2024-25718 (In the Samly package before 1.4.0 for Elixir, 
Samly.State.Store.get_as ...)
-       TODO: check
+       NOT-FOR-US: Samly
 CVE-2024-25715 (Glewlwyd SSO server 2.x through 2.7.6 allows open redirection 
via redi ...)
        TODO: check
 CVE-2024-25714 (In Rhonabwy through 1.1.13, HMAC signature verification uses a 
strcmp  ...)
@@ -11,21 +11,21 @@ CVE-2024-25713 (yyjson through 0.8.0 has a double free, 
leading to remote code e
 CVE-2024-25712 (http-swagger before 1.2.6 allows XSS via PUT requests, because 
a file  ...)
        TODO: check
 CVE-2024-23724 (Ghost through 5.76.0 allows stored XSS, and resultant 
privilege escala ...)
-       TODO: check
+       NOT-FOR-US: Ghost CMS
 CVE-2024-21875 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: Team Hacker Hotel Badge
 CVE-2024-1432 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
DeepFaceL ...)
-       TODO: check
+       NOT-FOR-US: DeepFaceLab
 CVE-2024-1431 (A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 
and cla ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2024-1430 (A vulnerability has been found in Netgear R7000 
1.0.11.136_10.2.120 an ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2024-1151 (A vulnerability was reported in the Open vSwitch sub-component 
in the  ...)
        TODO: check
 CVE-2023-52428 (In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can 
cause a d ...)
-       TODO: check
+       NOT-FOR-US: Connect2id Nimbus JOSE+JWT
 CVE-2023-52427 (In OpenDDS through 3.27, there is a segmentation fault for a 
DataWrite ...)
-       TODO: check
+       NOT-FOR-US: OpenDDS
 CVE-2024-23517 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-23516 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daef72252b811b1fb1224f9946d9dc16488b3525

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daef72252b811b1fb1224f9946d9dc16488b3525
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to