[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 23 Sep 2024 13:40:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
67cfca11 by Salvatore Bonaccorso at 2024-09-23T22:39:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2024-47069 (Oveleon Cookie Bar is a cookie bar is for 
the Contao Open Source
 CVE-2024-47068 (Rollup is a module bundler for JavaScript. Versions prior to 
3.29.5 an ...)
        TODO: check
 CVE-2024-47066 (Lobe Chat is an open-source artificial intelligence chat 
framework. Pr ...)
-       TODO: check
+       NOT-FOR-US: Lobe Chat
 CVE-2024-46997 (DataEase is an open source data visualization analysis tool. 
Prior to  ...)
-       TODO: check
+       NOT-FOR-US: DataEase
 CVE-2024-46985 (DataEase is an open source data visualization analysis tool. 
Prior to  ...)
-       TODO: check
+       NOT-FOR-US: DataEase
 CVE-2024-46639 (A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 
allows  ...)
        NOT-FOR-US: HelpDeskZ
 CVE-2024-46544 (Incorrect Default Permissions vulnerability in Apache Tomcat 
Connector ...)
@@ -32,31 +32,31 @@ CVE-2024-44540 (Ubiquiti AirMax firmware version firmware 
version 8 allows attac
 CVE-2024-43201 (The Planet Fitness Workouts iOS and Android mobile apps prior 
to versi ...)
        NOT-FOR-US: Planet Fitness Workouts iOS and Android mobile apps
 CVE-2024-41228 (A symlink following vulnerability in the pouch cp function of 
AliyunCo ...)
-       TODO: check
+       NOT-FOR-US: AliyunContainerService
 CVE-2024-40442 (An issue in Doccano Open source annotation tools for machine 
learning  ...)
-       TODO: check
+       NOT-FOR-US: Doccano
 CVE-2024-40441 (An issue in Doccano Open source annotation tools for machine 
learning  ...)
-       TODO: check
+       NOT-FOR-US: Doccano
 CVE-2024-39843 (A SQL injection vulnerability in Centreon 24.04.2 allows a 
remote high ...)
        TODO: check
 CVE-2024-39842 (A SQL injection vulnerability in Centreon 24.04.2 allows a 
remote high ...)
        TODO: check
 CVE-2024-39342 (Entrust Instant Financial Issuance (formerly known as 
Cardwizard) 6.10 ...)
-       TODO: check
+       NOT-FOR-US: Entrust Instant Financial Issuance
 CVE-2024-39341 (Entrust Instant Financial Issuance (On Premise) Software 
(formerly kno ...)
-       TODO: check
+       NOT-FOR-US: Entrust Instant Financial Issuance
 CVE-2024-37779 (WoodWing Elvis DAM v6.98.1 was discovered to contain an 
authenticated  ...)
-       TODO: check
+       NOT-FOR-US: WoodWing Elvis DAM
 CVE-2024-34331 (A lack of code signature verification in Parallels Desktop for 
Mac v19 ...)
-       TODO: check
+       NOT-FOR-US: Parallels Desktop
 CVE-2024-23972 (Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow 
Remote Co ...)
-       TODO: check
+       NOT-FOR-US: Sony XAV-AX5500 USB Configuration Descriptor
 CVE-2024-23934 (Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow 
Remote Cod ...)
-       TODO: check
+       NOT-FOR-US: Sony XAV-AX5500 WMV/ASF
 CVE-2024-23933 (Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote 
Code Ex ...)
-       TODO: check
+       NOT-FOR-US: Sony XAV-AX5500 CarPlay TLV
 CVE-2024-23922 (Sony XAV-AX5500 Insufficient Firmware Update Validation Remote 
Code Ex ...)
-       TODO: check
+       NOT-FOR-US: Sony XAV-AX5500
 CVE-2024-0005 (A condition exists in FlashArray and FlashBlade Purity whereby 
a malic ...)
        TODO: check
 CVE-2024-0004 (A condition exists in FlashArray Purity whereby an user with 
array adm ...)
@@ -68,7 +68,7 @@ CVE-2024-0002 (A condition exists in FlashArray Purity 
whereby an attacker can e
 CVE-2024-0001 (A condition exists in FlashArray Purity whereby a local account 
intend ...)
        TODO: check
 CVE-2023-46948 (A reflected Cross-Site Scripting (XSS) vulnerability was found 
on Teme ...)
-       TODO: check
+       NOT-FOR-US: Temenos T24 Browser
 CVE-2022-48945 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.1.4-1
        [bullseye] - linux 5.10.178-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67cfca11a385c33000b188dc4b5f09f1c6d5565b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67cfca11a385c33000b188dc4b5f09f1c6d5565b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to