[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 01 Mar 2024 00:41:38 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
412345be by Salvatore Bonaccorso at 2024-03-01T09:40:24+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2024-2045 (Session version 1.17.5 allows obtaining internal application 
files and ...)
        TODO: check
 CVE-2024-2022 (A vulnerability was found in Netentsec NS-ASG Application 
Security Gat ...)
-       TODO: check
+       NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
 CVE-2024-2021 (A vulnerability was found in Netentsec NS-ASG Application 
Security Gat ...)
-       TODO: check
+       NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
 CVE-2024-2016 (A vulnerability, which was classified as critical, was found in 
ZhiCms ...)
-       TODO: check
+       NOT-FOR-US: ZhiCms
 CVE-2024-2015 (A vulnerability, which was classified as critical, has been 
found in Z ...)
-       TODO: check
+       NOT-FOR-US: ZhiCms
 CVE-2024-2014 (A vulnerability classified as critical was found in Panabit 
Panalog 20 ...)
-       TODO: check
+       NOT-FOR-US: Panabit Panalog
 CVE-2024-27950 (Missing Authorization vulnerability in sirv.Com Image 
Optimizer, Resiz ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27949 (Server-Side Request Forgery (SSRF) vulnerability in sirv.Com 
Image Opt ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27294 (dp-golang is a Puppet module for Go installations.  Prior to 
1.2.7, dp ...)
        TODO: check
 CVE-2024-27292 (Docassemble is an expert system for guided interviews and 
document ass ...)
-       TODO: check
+       NOT-FOR-US: Docassemble
 CVE-2024-27291 (Docassemble is an expert system for guided interviews and 
document ass ...)
-       TODO: check
+       NOT-FOR-US: Docassemble
 CVE-2024-27290 (Docassemble is an expert system for guided interviews and 
document ass ...)
-       TODO: check
+       NOT-FOR-US: Docassemble
 CVE-2024-26196 (Microsoft Edge for Android (Chromium-based) Information 
Disclosure Vul ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-25578 (MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior 
contain ...)
-       TODO: check
+       NOT-FOR-US: MicroDicom DICOM Viewer
 CVE-2024-25554
        REJECTED
 CVE-2024-25553
        REJECTED
 CVE-2024-25552 (A local attacker can gain administrative privileges by 
inserting an ex ...)
-       TODO: check
+       NOT-FOR-US: VDE
 CVE-2024-25386 (Directory Traversal vulnerability in DICOM\xae Connectivity 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: laurelbridge
 CVE-2024-25293 (mjml-app versions 3.0.4 and 3.1.0-beta were discovered to 
contain a re ...)
-       TODO: check
+       NOT-FOR-US: mjml-app
 CVE-2024-25239 (SQL Injection vulnerability in Sourcecodester Employee 
Management Syst ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester Employee Management System
 CVE-2024-25167 (Cross Site Scripting vulnerability in eblog v1.0 allows a 
remote attac ...)
-       TODO: check
+       NOT-FOR-US: eblog
 CVE-2024-24520 (An issue in Lepton CMS v.7.0.0 allows a local attacker to 
execute arbi ...)
-       TODO: check
+       NOT-FOR-US: Lepton CMS
 CVE-2024-24028 (Server Side Request Forgery (SSRF) vulnerability in Likeshop 
before 2. ...)
-       TODO: check
+       NOT-FOR-US: Likeshop
 CVE-2024-22891 (Nteract v.0.28.0 was discovered to contain a remote code 
execution (RC ...)
        TODO: check
 CVE-2024-22100 (MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior 
are aff ...)
-       TODO: check
+       NOT-FOR-US: MicroDicom DICOM Viewer
 CVE-2024-1941 (Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2024-1859 (The Slider Responsive Slideshow \u2013 Image slider, Gallery 
slideshow ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0403 (Recipes version 1.5.10 allows arbitrary HTTP requests to be 
made  thro ...)
        TODO: check
 CVE-2023-52555 (In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by 
deletio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412345bec472c7cc740ff5044865ee2a6af2d764

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412345bec472c7cc740ff5044865ee2a6af2d764
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to