[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 16 Oct 2024 09:49:39 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
48cd6857 by Moritz Mühlenhoff at 2024-10-16T09:43:20+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84,11 +84,11 @@ CVE-2024-48279 (A HTML Injection vulnerability was found in 
/search-result.php o
 CVE-2024-48278 (Phpgurukul User Registration & Login and User Management 
System 3.2 is ...)
        NOT-FOR-US: Phpgurukul User Registration & Login and User Management 
System
 CVE-2024-47945 (The devices are vulnerable to session hijacking due to 
insufficient  e ...)
-       TODO: check
+       NOT-FOR-US: Rittal
 CVE-2024-47944 (The device directly executes .patch firmware upgrade files on 
a USB st ...)
-       TODO: check
+       NOT-FOR-US: Rittal
 CVE-2024-47943 (The firmware upgrade function in the admin web interface of 
the Rittal ...)
-       TODO: check
+       NOT-FOR-US: Rittal
 CVE-2024-47876 (Sakai is a Collaboration and Learning Environment. Starting in 
version ...)
        NOT-FOR-US: Sakai
 CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) 
framework ...)
@@ -96,13 +96,13 @@ CVE-2024-47874 (Starlette is an Asynchronous Server Gateway 
Interface (ASGI) fra
        NOTE: 
https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw
        NOTE: 
https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733
 (0.40.0)
 CVE-2024-47824 (matrix-react-sdk is react-based software development kit for 
inserting ...)
-       TODO: check
+       NOT-FOR-US: matrix-react-sdk
 CVE-2024-47779 (Element is a Matrix web client built using the Matrix React 
SDK .Eleme ...)
-       TODO: check
+       - element-web <itp> (bug #866502)
 CVE-2024-47771 (Element Desktop is a Matrix client for desktop platforms. 
Element Desk ...)
        TODO: check
 CVE-2024-47080 (matrix-js-sdk is the Matrix Client-Server SDK for JavaScript 
and TypeS ...)
-       TODO: check
+       NOT-FOR-US: matrix-js-sdk
 CVE-2024-45276 (An unauthenticated remote attacker can get read access to 
files in the ...)
        TODO: check
 CVE-2024-45275 (The devices contain two hard coded user accounts with 
hardcoded passwo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48cd6857c88b7b0bb8a29396c66706ea39b1cab2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48cd6857c88b7b0bb8a29396c66706ea39b1cab2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to