Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
50233138 by Salvatore Bonaccorso at 2025-03-04T21:21:37+01:00
auto-nfu: Followup fix for indentation
- - - - -
c26c60c4 by Salvatore Bonaccorso at 2025-03-04T21:22:00+01:00
Process some NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -809,47 +809,47 @@ CVE-2024-53012 (Memory corruption may occur due to
improper input validation in
CVE-2024-53011 (Information disclosure may occur due to improper permission
and access ...)
TODO: check
CVE-2024-51966 (There is a path traversal vulnerability in ESRI ArcGIS Server
versions ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51963 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51962 (A SQL injection vulnerability in ArcGIS Server allows an
EDIToperation ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51961 (There is a local file inclusion vulnerability in ArcGIS Server
10.9.1 ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51960 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51959 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51958 (There is a path traversal vulnerability in ESRI ArcGIS Server
versions ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51957 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51956 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51954 (There is an improper access control issue in ArcGIS Server
versions 10 ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51953 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51952 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51951 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51950 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51949 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51948 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51947 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51946 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51945 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51944 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51942 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-51091 (Cross Site Scripting vulnerability in seajs v.2.2.3 allows a
remote at ...)
TODO: check
CVE-2024-49836 (Memory corruption may occur during the synchronization of the
camera`s ...)
@@ -885,7 +885,7 @@ CVE-2024-38426 (While processing the authentication message
in UE, improper auth
CVE-2024-30154 (HCL SX is vulnerable to cross-site request forgery
vulnerability which ...)
TODO: check
CVE-2024-10904 (There is a stored Cross-site Scripting vulnerability in ArcGIS
Server ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2023-49031 (Directory Traversal (Local File Inclusion) vulnerability in
Tikit (now ...)
TODO: check
CVE-2024-24778 (Improper privilege management in a REST interface allowed
registered u ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -25,7 +25,7 @@
allOf:
- cna: adobe
- not:
- product: XMP Toolkit
+ product: XMP Toolkit
# Description based rules
- reason: D-Link
description: '.*\b(?i: d-link)\b.*'
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5fe41558e60490f2a1f71d694139bf7c7111b37...c26c60c4bb811f8b8738f59831d4d67134cd95ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5fe41558e60490f2a1f71d694139bf7c7111b37...c26c60c4bb811f8b8738f59831d4d67134cd95ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
