[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 16 Aug 2024 23:35:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6ee8209d by Salvatore Bonaccorso at 2024-08-17T08:34:47+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-7646 (A security issue was discovered in ingress-nginx where an actor 
with p ...)
-       TODO: check
+       NOT-FOR-US: Kubernetes ingress-nginx
 CVE-2024-7147 (The JetBlocks for Elementor plugin for WordPress is vulnerable 
to Stor ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-7146 (The JetTabs for Elementor plugin for WordPress is vulnerable to 
Local  ...)
@@ -79,9 +79,9 @@ CVE-2024-42462 (Improper Authentication vulnerability in 
upKeeper Solutions prod
 CVE-2024-2175 (An insecure permissions vulnerability was reported inLenovo 
Display Co ...)
        TODO: check
 CVE-2024-25837 (A stored cross-site scripting (XSS) vulnerability in October 
CMS Blogh ...)
-       TODO: check
+       NOT-FOR-US: October CMS Bloghub Plugin
 CVE-2024-25008 (Ericsson RAN Compute and Site Controller 6610 contains a 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Ericsson
 CVE-2023-5888
        REJECTED
 CVE-2023-47728 (IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM 
Cloud Pa ...)
@@ -139,29 +139,29 @@ CVE-2024-42488 (Cilium is a networking, observability, 
and security solution wit
 CVE-2024-42487 (Cilium is a networking, observability, and security solution 
with an e ...)
        - cilium <itp> (bug #858303)
 CVE-2024-34743 (In setTransactionState of SurfaceFlinger.cpp, there is a 
possible way  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34742 (In shouldWrite of OwnersData.java, there is a possible edge 
case that  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34741 (In setForceHideNonSystemOverlayWindowIfNeeded of 
WindowState.java, the ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34740 (In attributeBytesBase64 and attributeBytesHex of 
BinaryXmlSerializer.j ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34739 (In shouldRestrictOverlayActivities of 
UsbProfileGroupSettingsManager.j ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34738 (In multiple functions of AppOpsService.java, there is a 
possible way f ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34737 (In ensureSetPipAspectRatioQuotaTracker of 
ActivityClientController.jav ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34736 (In setupVideoEncoder of StagefrightRecorder.cpp, there is a 
possible a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34734 (In onForegroundServiceButtonClicked of 
FooterActionsViewModel.kt, ther ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34731 (In multiple functions of TranscodingResourcePolicy.cpp, there 
is a pos ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34727 (In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a 
possible ou ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31333 (In _MMU_AllocLevel of mmu_common.c, there is a possible 
arbitrary code ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-7049 (The Custom Field For WP Job Manager plugin for WordPress is 
vulnerable ...)
        TODO: check
 CVE-2024-43374 (The UNIX editor Vim prior to version 9.1.0678 has a 
use-after-free err ...)
@@ -426,7 +426,7 @@ CVE-2024-42435 (Sensitive information disclosure in some 
Zoom Workplace Apps, SD
 CVE-2024-42434 (Sensitive information disclosure in some Zoom Workplace Apps, 
SDKs, Ro ...)
        NOT-FOR-US: Zoom
 CVE-2024-42360 (SequenceServer lets you rapidly set up a BLAST+ server with an 
intuiti ...)
-       TODO: check
+       NOT-FOR-US: SequenceServer
 CVE-2024-41866 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are 
affected by ...)
        NOT-FOR-US: Adobe
 CVE-2024-41865 (Dimension versions 3.4.11 and earlier are affected by an 
Untrusted Sea ...)
@@ -1140,7 +1140,7 @@ CVE-2023-31304 (Improper input validation in SMU may 
allow an attacker with priv
 CVE-2024-7715 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
D-Link DN ...)
        NOT-FOR-US: D-Link
 CVE-2024-7709 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: OcoMon
 CVE-2024-7707 (A vulnerability was found in Tenda FH1206 02.03.01.35 and 
classified a ...)
        NOT-FOR-US: Tenda
 CVE-2024-7706 (A vulnerability was found in Fujian mwcms 1.0.0. It has been 
rated as  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ee8209d80609e4a07698e77c01f52b7bc2ed63d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ee8209d80609e4a07698e77c01f52b7bc2ed63d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to