[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 09 Sep 2024 13:20:03 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ec350ae1 by Salvatore Bonaccorso at 2024-09-09T22:19:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2024-8605 (A vulnerability classified as problematic was found in 
code-projects I ...)
-       TODO: check
+       NOT-FOR-US: code-projects Inventory Management
 CVE-2024-8604 (A vulnerability classified as problematic has been found in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Food Ordering System
 CVE-2024-8601 (This vulnerability exists in TechExcel Back Office Software 
versions p ...)
-       TODO: check
+       NOT-FOR-US: TechExcel Back Office Software
 CVE-2024-8373 (Improper sanitization of the value of the [srcset] attribute in 
<sourc ...)
        TODO: check
 CVE-2024-8372 (Improper sanitization of the value of the '[srcset]' attribute 
in Angu ...)
        TODO: check
 CVE-2024-8042 (Rapid7 Insight Platform versions between November 2019 and 
August 14,  ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 Insight Platform
 CVE-2024-7341 (A session fixation issue was discovered in the SAML adapters 
provided  ...)
        TODO: check
 CVE-2024-7318 (A vulnerability was found in Keycloak. Expired OTP codes are 
still usa ...)
-       TODO: check
+       NOT-FOR-US: Keycloak
 CVE-2024-7260 (An open redirect vulnerability was found in Keycloak. A 
specially craf ...)
-       TODO: check
+       NOT-FOR-US: Keycloak
 CVE-2024-7015 (Improper Authentication, Missing Authentication for Critical 
Function, ...)
        TODO: check
 CVE-2024-6796 (In Baxter Connex health portal released before 8/30/2024, an 
improper  ...)
@@ -27,7 +27,7 @@ CVE-2024-6572 (Improper host key checking in active check 
'Check SFTP Service' a
 CVE-2024-45411 (Twig is a template language for PHP. Under some circumstances, 
the san ...)
        TODO: check
 CVE-2024-45406 (Craft is a content management system (CMS). Craft CMS 5 stored 
XSS can ...)
-       TODO: check
+       NOT-FOR-US: Craft CMS
 CVE-2024-45296 (path-to-regexp turns path strings into a regular expressions. 
In certa ...)
        TODO: check
 CVE-2024-45041 (External Secrets Operator is a Kubernetes operator that 
integrates ext ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec350ae1052348a6004792857748f0f942d0353f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec350ae1052348a6004792857748f0f942d0353f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to