Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ce5b033 by Salvatore Bonaccorso at 2024-07-10T11:38:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,19 +21,19 @@ CVE-2024-4866 (The UltraAddons \u2013 Elementor Addons
(Header Footer Builder, C
CVE-2024-39927 (Out-of-bounds write vulnerability exists in Ricoh MFPs and
printers. I ...)
NOT-FOR-US: Ricoh
CVE-2024-39901 (OpenSearch Observability is collection of plugins and
applications tha ...)
- TODO: check
+ NOT-FOR-US: OpenSearch Observability collection of plugins and
applications
CVE-2024-39900 (OpenSearch Dashboards Reports allows \u2018Report Owner\u2019
export a ...)
- TODO: check
+ NOT-FOR-US: OpenSearch Dashboards Reports
CVE-2024-39886 (TONE store App version 3.4.2 and earlier contains an issue
with unprot ...)
- TODO: check
+ NOT-FOR-US: TONE
CVE-2024-39883 (Delta Electronics CNCSoft-G2 lacks proper validation of the
length of ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-39882 (Delta Electronics CNCSoft-G2 lacks proper validation of
user-supplied ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-39881 (Delta Electronics CNCSoft-G2 lacks proper validation of
user-supplied ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-39880 (Delta Electronics CNCSoft-G2 lacks proper validation of the
length of ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-39614 (An issue was discovered in Django 5.0 before 5.0.7 and 4.2
before 4.2. ...)
- python-django 3:4.2.14-1 (bug #1076069)
NOTE:
https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
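Review bot: The NOT-FOR-US tag for CVE-2024-39901 repeats a fragment of the description ("OpenSearch Observability collection of plugins and applications") instead of naming the product, unlike the neighbouring "NOT-FOR-US: OpenSearch Dashboards Reports". Suggest shortening it to "NOT-FOR-US: OpenSearch Observability" so the tag stays consistent and easy to search for. Likewise, "NOT-FOR-US: TONE" for CVE-2024-39886 would be less ambiguous as "TONE store App", which is the name the description uses.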
@@ -47,31 +47,31 @@ CVE-2024-39329 (An issue was discovered in Django 5.0
before 5.0.7 and 4.2 befor
NOTE:
https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
NOTE:
https://github.com/django/django/commit/156d3186c96e3ec2ca73b8b25dc2ef366e38df14
(4.2.14)
CVE-2024-39181 (Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was
discovered ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Libituo Technology Co., Ltd LBT-T300-T400
CVE-2024-39072 (AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is
vulnera ...)
- TODO: check
+ NOT-FOR-US: AMTT Hotel Broadband Operation System (HiBOS)
CVE-2024-39071 (Fujian Kelixun <=7.6.6.4391 is vulnerable to SQL Injection in
send_eve ...)
- TODO: check
+ NOT-FOR-US: Fujian Kelixun
CVE-2024-39069 (An issue in ifood Order Manager v3.35.5 'Gestor de
Peddios.exe' allows ...)
- TODO: check
+ NOT-FOR-US: ifood Order Manager
CVE-2024-39031 (In Silverpeas Core <= 6.3.5, inside of mes agendas a user can
create a ...)
- TODO: check
+ NOT-FOR-US: Silverpeas Core
CVE-2024-38963 (Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS)
via the ...)
- TODO: check
+ NOT-FOR-US: Nopcommerce
CVE-2024-38959 (Cross Site Scripting vulnerability in Creativeitem Academy LMS
Learnin ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Academy LMS Learning Management System
CVE-2024-38875 (An issue was discovered in Django 4.2 before 4.2.14 and 5.0
before 5.0 ...)
- python-django 3:4.2.14-1 (bug #1076069)
NOTE:
https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
NOTE:
https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5
(4.2.14)
CVE-2024-38301 (Dell Alienware Command Center, version 5.7.3.0 and prior,
contains an ...)
- TODO: check
+ NOT-FOR-US: Dell Alienware Command Center
CVE-2024-37865 (An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in
v.11.5.7 allo ...)
TODO: check
CVE-2024-37829 (An issue in Outline <= v0.76.1 allows attackers to execute a
session h ...)
TODO: check
CVE-2024-36676 (Incorrect access control in BookStack before v24.05.1 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2024-36453 (Cross-site scripting vulnerability exists in session_login.cgi
of Webm ...)
TODO: check
CVE-2024-36452 (Cross-site request forgery vulnerability exists in ajaxterm
module of ...)
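Review bot: "NOT-FOR-US: bookstack" for CVE-2024-36676 is lowercased, while the description spells the product "BookStack" and the other tags in this hunk keep the vendor's capitalisation; suggest "NOT-FOR-US: BookStack" so later searches for the product name match. The tag for CVE-2024-38959 reads "Creativeitem Academy LMS Learning Management System", which expands the acronym right after stating it; "Creativeitem Academy LMS" would be enough.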
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ce5b033da4f29c7d04811d7a40e7198a284312b