[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7689d342 by Salvatore Bonaccorso at 2024-07-08T21:48:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2024-37389 (Apache NiFi 1.10.0 through 1.26.0 and 
2.0.0-M1 through 2.0.0-M3
 CVE-2024-34603 (Improper access control in Samsung Message prior to SMR 
Jul-2024 Relea ...)
        TODO: check
 CVE-2024-34602 (Use of implicit intent for sensitive communication in Samsung 
Messages ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-31897 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 
19.0.1,  ...)
        NOT-FOR-US: IBM
 CVE-2024-6229 (A stored cross-site scripting (XSS) vulnerability exists in the 
'Uploa ...)
-       TODO: check
+       NOT-FOR-US: stangirard/quivr
 CVE-2024-40614 (EGroupware before 23.1.20240624 mishandles an ORDER BY clause.)
-       TODO: check
+       NOT-FOR-US: EGroupware
 CVE-2024-40605 (An issue was discovered in the Foreground skin for MediaWiki 
through 1 ...)
        NOT-FOR-US: Foreground skin for MediaWiki
 CVE-2024-40604 (An issue was discovered in the Nimbus skin for MediaWiki 
through 1.42. ...)
@@ -526,7 +526,7 @@ CVE-2024-6439 (A vulnerability was found in SourceCodester 
Home Owners Collectio
 CVE-2024-6438 (A vulnerability has been found in Hitout Carsale 1.0 and 
classified as ...)
        NOT-FOR-US: Hitout Carsale
 CVE-2024-6382 (Incorrect handling of certain string inputs may result in 
MongoDB Rust ...)
-       TODO: check
+       NOT-FOR-US: MongoDB rust driver
 CVE-2024-6381 (The bson_strfreev function in the MongoDB C driver library may 
be susc ...)
        - mongo-c-driver 1.26.2-1
        NOTE: https://jira.mongodb.org/browse/CDRIVER-5622



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7689d3421ef90cf485d7cdb6ff4030a74bc1ff70

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7689d3421ef90cf485d7cdb6ff4030a74bc1ff70
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits