[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed, 31 Jan 2024 00:27:38 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3feee4a3 by Salvatore Bonaccorso at 2024-01-31T09:26:56+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-24567 (Vyper is a pythonic Smart Contract Language for the ethereum 
virtual m ...)
-       TODO: check
+       NOT-FOR-US: Vyper
 CVE-2024-23834 (Discourse is an open-source discussion platform. Improperly 
sanitized  ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2024-23745 (In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to 
the Dirt ...)
-       TODO: check
+       NOT-FOR-US: Notion Web Clipper
 CVE-2024-22569 (Stored Cross-Site Scripting (XSS) vulnerability in POSCMS 
v4.6.2, allo ...)
-       TODO: check
+       NOT-FOR-US: POSCMS
 CVE-2024-22236 (In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, 
versions 4.0. ...)
        TODO: check
 CVE-2024-1069 (The Contact Form Entries plugin for WordPress is vulnerable to 
arbitra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1012 (A vulnerability, which was classified as critical, has been 
found in W ...)
-       TODO: check
+       NOT-FOR-US: Wanhu ezOFFICE
 CVE-2024-0836 (The WordPress Review & Structure Data Schema Plugin \u2013 
Review Sche ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51204 (Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 
and ROS_PY ...)
        TODO: check
 CVE-2023-51202 (OS command injection vulnerability in command processing or 
system cal ...)
@@ -25,9 +25,9 @@ CVE-2023-51197 (An issue discovered in shell command 
execution in ROS2 (Robot Op
 CVE-2023-3934
        REJECTED
 CVE-2023-31505 (An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Schlix CMS
 CVE-2023-2439 (The UserPro plugin for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1062 [a heap overflow leading to denail-of-servce while writing a 
value larger than 256 chars (in log_entry_attr)]
        - 389-ds-base <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2261879
@@ -132,7 +132,7 @@ CVE-2024-0564 (A flaw was found in the Linux kernel's 
memory deduplication mecha
        - linux <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2258514
 CVE-2023-6943 (Use of Externally-Controlled Input to Select Classes or Code 
('Unsafe  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2023-6942 (Missing Authentication for Critical Function vulnerability in 
Mitsubis ...)
        NOT-FOR-US: Mitsubishi
 CVE-2023-6374 (Authentication Bypass by Capture-replay vulnerability in 
Mitsubishi El ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3feee4a39c22abb3018c0bf7004fcc8e7d44b99c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3feee4a39c22abb3018c0bf7004fcc8e7d44b99c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to