Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
609f5e65 by Moritz Muehlenhoff at 2024-04-11T16:42:45+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50,7 +50,7 @@ CVE-2024-30916 (An issue was discovered in eProsima FastDDS
v.2.14.0 and before,
[bullseye] - fastdds <no-dsa> (Minor issue)
NOTE: https://github.com/eProsima/Fast-DDS/issues/4609
CVE-2024-30915 (An issue was discovered in OpenDDS commit
b1c534032bb62ad4ae32609778de ...)
- TODO: check
+ NOT-FOR-US: OpenDDS
CVE-2024-30885 (Reflected Cross-Site Scripting (XSS) vulnerability in HadSky
v7.6.3, a ...)
NOT-FOR-US: HadSky
CVE-2024-30884 (Reflected Cross-Site Scripting (XSS) vulnerability in Discuz!
version ...)
@@ -304,9 +304,9 @@ CVE-2024-23735 (Cross Site Scripting (XSS) vulnerability in
in the S/MIME certif
CVE-2024-23734 (Cross Site Request Forgery vulnerability in in the upload
functionalit ...)
NOT-FOR-US: savignano S/Notify
CVE-2024-23083 (Time4J Base v5.9.3 was discovered to contain a
NullPointerException vi ...)
- TODO: check
+ NOT-FOR-US: Time4J Base
CVE-2024-23080 (Joda Time v2.12.5 was discovered to contain a
NullPointerException via ...)
- TODO: check
+ NOT-FOR-US: Joda Time
CVE-2024-23077 (JFreeChart v1.5.4 was discovered to be vulnerable to
ArrayIndexOutOfBo ...)
- libjfreechart-java <unfixed>
CVE-2024-23076 (FreeChart v1.5.4 was discovered to contain a
NullPointerException via ...)
@@ -338,19 +338,19 @@ CVE-2024-1740 (In lunary-ai/lunary version 1.0.1, a
vulnerability exists where a
CVE-2024-1728 (gradio-app/gradio is vulnerable to a local file inclusion
vulnerabilit ...)
NOT-FOR-US: Gradio
CVE-2024-1643 (By knowing an organization's ID, an attacker can join the
organization ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-1625 (An Insecure Direct Object Reference (IDOR) vulnerability exists
in the ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-1602 (parisneo/lollms-webui is vulnerable to stored Cross-Site
Scripting (XS ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-1600 (A Local File Inclusion (LFI) vulnerability exists in the
parisneo/loll ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-1599 (lunary-ai/lunary version 0.3.0 is vulnerable to unauthorized
project c ...)
NOT-FOR-US: lunary-ai/lunary
CVE-2024-1520 (An OS Command Injection vulnerability exists in the
'/open_code_folder ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-1511 (The parisneo/lollms-webui repository is susceptible to a path
traversa ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-0218 (A Denial of Service (Dos) vulnerability in Nozomi Networks
Guardian, c ...)
NOT-FOR-US: Nozomi Networks Guardian
CVE-2023-6916 (Audit records for OpenAPI requests may include sensitive
information. ...)
@@ -1532,7 +1532,7 @@ CVE-2024-23584 (The NMAP Importer service may expose data
store credentials to a
CVE-2024-23084 (Apfloat v1.10.1 was discovered to contain an
ArrayIndexOutOfBoundsExce ...)
- libapfloat-java <unfixed>
CVE-2024-23081 (ThreeTen Backport v1.6.8 was discovered to contain a
NullPointerExcept ...)
- TODO: check
+ NOT-FOR-US: ThreeTen Backport
CVE-2024-23079 (JGraphT Core v1.5.2 was discovered to contain a
NullPointerException v ...)
- jgrapht <unfixed>
CVE-2024-22949 (JFreeChart v1.5.4 was discovered to contain a
NullPointerException via ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609f5e65ca7929de8337764f58d4a44ce3cf7b8f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/609f5e65ca7929de8337764f58d4a44ce3cf7b8f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
