Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
51eea416 by Salvatore Bonaccorso at 2024-05-04T07:07:31+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -209,17 +209,17 @@ CVE-2024-3021 (The Mhr Post Ticker plugin for WordPress
is vulnerable to Stored
CVE-2024-3005 (The LA-Studio Element Kit for Elementor plugin for WordPress is
vulner ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34455 (Buildroot before 0b2967e lacks the sticky bit for the /dev/shm
directo ...)
- TODO: check
+ NOT-FOR-US: Buildroot
CVE-2024-34453 (TwoNav 2.1.13 contains an SSRF vulnerability via the url
paramater to ...)
NOT-FOR-US: TwoNav
CVE-2024-34449 (Vditor 3.10.3 allows XSS via an attribute of an A element.
NOTE: the v ...)
- TODO: check
+ NOT-FOR-US: Vditor
CVE-2024-34447 (An issue was discovered in Bouncy Castle Java Cryptography
APIs before ...)
TODO: check
CVE-2024-34446 (Mullvad VPN through 2024.1 on Android does not set a DNS
server in the ...)
NOT-FOR-US: Mullvad VPN
CVE-2024-34408 (Tencent libpag through 4.3.51 has an integer overflow in
DecodeStream: ...)
- TODO: check
+ NOT-FOR-US: libpag
CVE-2024-34404 (A vulnerability was discovered in the Alta Recovery Vault
feature of V ...)
NOT-FOR-US: Veritas NetBackup
CVE-2024-34403 (An issue was discovered in uriparser through 0.9.7.
ComposeQueryMalloc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51eea4168c50f83625c1530a22d7c1448ff0d179
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51eea4168c50f83625c1530a22d7c1448ff0d179
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
