[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 02 Jul 2024 14:02:58 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
45052991 by Salvatore Bonaccorso at 2024-07-02T23:02:10+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2024-6452 (A vulnerability classified as critical was 
found in linlinjava li
 CVE-2024-6441 (A vulnerability was found in ORIPA up to 1.72. It has been 
declared as ...)
        TODO: check
 CVE-2024-6440 (A vulnerability was found in SourceCodester Home Owners 
Collection Man ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Home Owners Collection Management System
 CVE-2024-6439 (A vulnerability was found in SourceCodester Home Owners 
Collection Man ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Home Owners Collection Management System
 CVE-2024-6438 (A vulnerability has been found in Hitout Carsale 1.0 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: Hitout Carsale
 CVE-2024-6382 (Incorrect handling of certain string inputs may result in 
MongoDB Rust ...)
        TODO: check
 CVE-2024-6381 (The bson_strfreev function in the MongoDB C driver library may 
be susc ...)
@@ -15,35 +15,35 @@ CVE-2024-6381 (The bson_strfreev function in the MongoDB C 
driver library may be
 CVE-2024-6341
        REJECTED
 CVE-2024-6264 (The Post Meta Data Manager plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6099 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6088 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6012 (The Cost Calculator Builder plugin for WordPress is vulnerable 
to unau ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6011 (The Cost Calculator Builder plugin for WordPress is vulnerable 
to Stor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5866 (Vulnerability in Delinea Centrify PAS v. 21.3 and possibly 
others. The ...)
-       TODO: check
+       NOT-FOR-US: Delinea Centrify PAS
 CVE-2024-5865 (Vulnerability in Delinea Centrify PAS v. 21.3 and possibly 
others. The ...)
-       TODO: check
+       NOT-FOR-US: Delinea Centrify PAS
 CVE-2024-5260 (The Sina Extension for Elementor (Slider, Gallery, Form, Modal, 
Data T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4897 (parisneo/lollms-webui, in its latest version, is vulnerable to 
remote  ...)
        TODO: check
 CVE-2024-4836 (Web services managed by Edito CMS (Content Management System) 
in versi ...)
-       TODO: check
+       NOT-FOR-US: Edito CMS
 CVE-2024-4467 (A flaw was found in the QEMU disk image utility (qemu-img) 
'info' comm ...)
        TODO: check
 CVE-2024-4268 (The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3826 (In versions of Akana in versions prior to and including 
2022.1.3 valid ...)
        TODO: check
 CVE-2024-39894 (OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing 
attacks aga ...)
        TODO: check
 CVE-2024-39891 (In the Twilio Authy API, accessed by Authy Android before 
25.1.0 and A ...)
-       TODO: check
+       NOT-FOR-US: Twilio Authy API
 CVE-2024-39323 (aimeos/ai-admin-graphql is the Aimeos GraphQL API admin 
interface. Sta ...)
        TODO: check
 CVE-2024-39316 (Rack is a modular Ruby web server interface. Starting in 
version 3.1.0 ...)
@@ -51,11 +51,11 @@ CVE-2024-39316 (Rack is a modular Ruby web server 
interface. Starting in version
 CVE-2024-39315 (Pomerium is an identity and context-aware access proxy. Prior 
to versi ...)
        TODO: check
 CVE-2024-39206 (An issue discovered in MSP360 Backup Agent v7.8.5.15 and 
v7.9.4.84 all ...)
-       TODO: check
+       NOT-FOR-US: MSP360 Backup Agent
 CVE-2024-39143 (A stored cross-site scripting (XSS) vulnerability exists in 
ResidenceC ...)
-       TODO: check
+       NOT-FOR-US: ResidenceCMS
 CVE-2024-39119 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-38857 (Improper neutralization of input in Checkmk before versions 
2.3.0p8, 2 ...)
        TODO: check
 CVE-2024-38537 (Fides is an open-source privacy engineering platform. 
`fides.js`, a cl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/450529916e45f132fd7b9a5cca1e05c1da961769

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/450529916e45f132fd7b9a5cca1e05c1da961769
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to