[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat, 24 Feb 2024 02:01:31 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc6843ed by Salvatore Bonaccorso at 2024-02-24T10:59:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2024-27133 (Insufficient sanitization in MLflow leads to XSS when running 
a recipe ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2024-27132 (Insufficient sanitization in MLflow leads to XSS when running 
an untru ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2024-26192 (Microsoft Edge (Chromium-based) Information Disclosure 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-26188 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-25730 (Hitron CODA-4582 and CODA-4589 devices have default PSKs that 
are gene ...)
-       TODO: check
+       NOT-FOR-US: Hitron CODA-4582 and CODA-4589 devices
 CVE-2024-25469 (SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and 
before all ...)
-       TODO: check
+       NOT-FOR-US: CRMEB crmeb_java
 CVE-2024-24681 (Insecure AES key in Yealink Configuration Encrypt Tool below 
verrsion  ...)
-       TODO: check
+       NOT-FOR-US: Yealink
 CVE-2024-24310 (In the module "Generate barcode on invoice / delivery slip" 
(ecgenerat ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2024-24309 (In the module "Survey TMA" (ecomiz_survey_tma) up to version 
2.0.0 fro ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2024-22988 (An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to 
execute ar ...)
-       TODO: check
+       NOT-FOR-US: zkteco zkbio WDMS
 CVE-2024-22395 (Improper access control vulnerability has been identified in 
the SMA10 ...)
-       TODO: check
+       NOT-FOR-US: SMA100 SSL-VPN virtual office portal
 CVE-2024-21502 (Versions of the package fastecdsa before 2.3.2 are vulnerable 
to Use o ...)
        TODO: check
 CVE-2024-21501 (Versions of the package sanitize-html before 2.12.1 are 
vulnerable to  ...)
        TODO: check
 CVE-2024-21423 (Microsoft Edge (Chromium-based) Information Disclosure 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-1810 (The Archivist \u2013 Custom Archive Templates plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-22371
        NOT-FOR-US: Apache Camel
 CVE-2024-27319 (Versions of the package onnx before and including 1.15.0 are 
vulnerabl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6843ed6bb0e2d509751dd426e92a542ef9d3f4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6843ed6bb0e2d509751dd426e92a542ef9d3f4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to