[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 19 Feb 2024 12:30:00 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c774c806 by Salvatore Bonaccorso at 2024-02-19T21:27:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,17 +11,17 @@ CVE-2024-25979 (The URL parameters accepted by forum search 
were not limited to
 CVE-2024-25978 (Insufficient file size checks resulted in a denial of service 
risk in  ...)
        - moodle <removed>
 CVE-2024-25640 (Iris is a web collaborative platform that helps incident 
responders sh ...)
-       TODO: check
+       NOT-FOR-US: Iris
 CVE-2024-25636 (Misskey is an open source, decentralized social media platform 
with Ac ...)
-       TODO: check
+       NOT-FOR-US: Misskey
 CVE-2024-25635 (alf.io is an open source ticket reservation system. Prior to 
version 2 ...)
-       TODO: check
+       NOT-FOR-US: Alf.io
 CVE-2024-25634 (alf.io is an open source ticket reservation system. Prior to 
version 2 ...)
-       TODO: check
+       NOT-FOR-US: Alf.io
 CVE-2024-25626 (Yocto Project is an open source collaboration project that 
helps devel ...)
        TODO: check
 CVE-2024-25625 (Pimcore's Admin Classic Bundle provides a Backend UI for 
Pimcore. A po ...)
-       TODO: check
+       NOT-FOR-US: Pimcore's Admin Classic Bundle
 CVE-2024-25623 (Mastodon is a free, open-source social network server based on 
Activit ...)
        TODO: check
 CVE-2024-1633 (During the secure boot, bl2 (the second stage of the 
bootloader) loops ...)
@@ -31,13 +31,13 @@ CVE-2024-1597 (pgjdbc, the PostgreSQL JDBC Driver, allows 
attacker to inject SQL
 CVE-2024-1580 (An integer overflow in dav1d AV1 decoder that can occur when 
decoding  ...)
        TODO: check
 CVE-2024-1346 (Weak MySQL database root password in LaborOfficeFree affects 
version 1 ...)
-       TODO: check
+       NOT-FOR-US: LaborOfficeFree
 CVE-2024-1345 (Weak MySQL database root password in LaborOfficeFree affects 
version 1 ...)
-       TODO: check
+       NOT-FOR-US: LaborOfficeFree
 CVE-2024-1344 (Encrypted database credentials in LaborOfficeFree affecting 
version 19 ...)
-       TODO: check
+       NOT-FOR-US: LaborOfficeFree
 CVE-2024-1343 (A weak permission was found in the backup directory in 
LaborOfficeFree ...)
-       TODO: check
+       NOT-FOR-US: LaborOfficeFree
 CVE-2023-50257 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation 
of the  ...)
        TODO: check
 CVE-2024-26308 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c774c80666087256f3112fae03936572cba64324

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c774c80666087256f3112fae03936572cba64324
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to