[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 21 Mar 2024 01:31:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ba397bab by Salvatore Bonaccorso at 2024-03-21T09:30:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2024-2754 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Complete E-Commerce Site
 CVE-2024-2748 (A Cross Site Request Forgery vulnerability was identified in 
GitHub En ...)
        TODO: check
 CVE-2024-2720 (A vulnerability classified as problematic was found in 
Campcodes Compl ...)
-       TODO: check
+       NOT-FOR-US: Campcodes Complete Online DJ Booking System
 CVE-2024-2719 (A vulnerability classified as problematic has been found in 
Campcodes  ...)
-       TODO: check
+       NOT-FOR-US: Campcodes Complete Online DJ Booking System
 CVE-2024-2718 (A vulnerability was found in Campcodes Complete Online DJ 
Booking Syst ...)
-       TODO: check
+       NOT-FOR-US: Campcodes Complete Online DJ Booking System
 CVE-2024-2717 (A vulnerability was found in Campcodes Complete Online DJ 
Booking Syst ...)
-       TODO: check
+       NOT-FOR-US: Campcodes Complete Online DJ Booking System
 CVE-2024-2469 (An attacker with an Administrator role in GitHub Enterprise 
Server cou ...)
        TODO: check
 CVE-2024-2443 (A command injection vulnerability was identified in GitHub 
Enterprise  ...)
@@ -19,33 +19,33 @@ CVE-2024-2162 (An OS Command Injection vulnerability in 
Kiloview NDI allows a lo
 CVE-2024-2161 (Use of Hard-coded Credentials in Kiloview NDI allows 
un-authenticated  ...)
        TODO: check
 CVE-2024-29864 (Distrobox before 1.7.0.1 allows attackers to execute arbitrary 
code vi ...)
-       TODO: check
+       NOT-FOR-US: Distrobox
 CVE-2024-29862 (The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder 
before 4. ...)
-       TODO: check
+       NOT-FOR-US: Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder
 CVE-2024-29859 (In MISP before 2.4.187, add_misp_export in 
app/Controller/EventsContro ...)
-       TODO: check
+       NOT-FOR-US: MISP
 CVE-2024-29858 (In MISP before 2.4.187, __uploadLogo in 
app/Controller/OrganisationsCo ...)
-       TODO: check
+       NOT-FOR-US: MISP
 CVE-2024-29474 (OneBlog v2.3.4 was discovered to contain a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29473 (OneBlog v2.3.4 was discovered to contain a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29472 (OneBlog v2.3.4 was discovered to contain a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29471 (OneBlog v2.3.4 was discovered to contain a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29470 (OneBlog v2.3.4 was discovered to contain a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29469 (A stored cross-site scripting (XSS) vulnerability in OneBlog 
v2.3.4 al ...)
-       TODO: check
+       NOT-FOR-US: OneBlog
 CVE-2024-29037 (datahub-helm provides the Kubernetes Helm charts for deploying 
Datahub ...)
        TODO: check
 CVE-2024-29036 (Saleor Storefront is software for building e-commerce 
experiences. Pri ...)
-       TODO: check
+       NOT-FOR-US: Saleor Storefront
 CVE-2024-29033 (OAuthenticator provides plugins for JupyterHub to use common 
OAuth pro ...)
        TODO: check
 CVE-2024-29032 (Qiskit IBM Runtime is an environment that streamlines quantum 
computat ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-29026 (Owncast is an open source, self-hosted, decentralized, single 
user liv ...)
        TODO: check
 CVE-2024-29018 (Moby is an open source container framework that is a key 
component of  ...)
@@ -55,7 +55,7 @@ CVE-2024-28916 (Xbox Gaming Services Elevation of Privilege 
Vulnerability)
 CVE-2024-28835 (A flaw has been discovered in GnuTLS where an application 
crash can be ...)
        TODO: check
 CVE-2024-28635 (Cross Site Scripting (XSS) vulnerability in SurveyJS Survey 
Creator v. ...)
-       TODO: check
+       NOT-FOR-US: SurveyJS Survey Creator
 CVE-2024-25294 (An SSRF issue in REBUILD v.3.5 allows a remote attacker to 
obtain sens ...)
        TODO: check
 CVE-2024-24050 (Cross Site Scripting (XSS) vulnerability in Sourcecodester 
Workout Jou ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba397babf77183ca211fd2ac7f084d9367a19b1b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba397babf77183ca211fd2ac7f084d9367a19b1b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to