Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fa313055 by Moritz Muehlenhoff at 2024-05-28T09:16:23+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,9 +11,9 @@ CVE-2024-5405 (A vulnerability had been discovered in WinNMP 
19.02 consisting of
 CVE-2024-3381
        REJECTED
 CVE-2024-36383 (An issue was discovered in Logpoint SAML Authentication before 
6.0.3.  ...)
-       TODO: check
+       NOT-FOR-US: Logpoint
 CVE-2024-36105 (dbt enables data analysts and engineers to transform their 
data using  ...)
-       TODO: check
+       NOT-FOR-US: dbt-core
 CVE-2024-36037 (Zoho ManageEngine ADAudit Plus versions 7260 and below allows 
unauthor ...)
        NOT-FOR-US: Zoho ManageEngine
 CVE-2024-36036 (Zoho ManageEngine ADAudit Plus versions 7260 and below allows 
unauthor ...)
@@ -23,21 +23,21 @@ CVE-2024-35238 (Minder by Stacklok is an open source 
software supply chain secur
 CVE-2024-35237 (MIT IdentiBot is an open-source Discord bot written in Node.js 
that ve ...)
        NOT-FOR-US: MIT IdentiBot
 CVE-2024-35236 (Audiobookshelf is a self-hosted audiobook and podcast server. 
Prior to ...)
-       TODO: check
+       NOT-FOR-US: Audiobookshelf
 CVE-2024-35231 (rack-contrib provides contributed rack middleware and 
utilities for Ra ...)
        TODO: check
 CVE-2024-35229 (ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs 
to scal ...)
        NOT-FOR-US: ZKsync Era
 CVE-2024-35219 (OpenAPI Generator allows generation of API client libraries 
(SDK gener ...)
-       TODO: check
+       NOT-FOR-US: OpenAPI Generator
 CVE-2024-35182 (Meshery is an open source, cloud native manager that enables 
the desig ...)
-       TODO: check
+       NOT-FOR-US: Meshery
 CVE-2024-35181 (Meshery is an open source, cloud native manager that enables 
the desig ...)
-       TODO: check
+       NOT-FOR-US: Meshery
 CVE-2024-34923 (In Avocent DSR2030 Appliance firmware 03.04.00.07 before 
03.07.01.23,  ...)
        NOT-FOR-US: Avocent DSR2030 Appliance firmware
 CVE-2024-34477 (configureNFS in lib/common/functions.sh in FOG through 1.5.10 
allows l ...)
-       TODO: check
+       NOT-FOR-US: FOG
 CVE-2024-32978 (Kaminari is a paginator for web app frameworks and object 
relational m ...)
        TODO: check
 CVE-2024-29415 (The ip package through 2.0.1 for Node.js might allow SSRF 
because some ...)
@@ -45,7 +45,7 @@ CVE-2024-29415 (The ip package through 2.0.1 for Node.js 
might allow SSRF becaus
 CVE-2024-27310 (Zoho ManageEngineADSelfService Plus versions below6401 are 
vulnerable  ...)
        NOT-FOR-US: Zoho ManageEngine
 CVE-2024-0851 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Grup Arge Energy and Control Systems Smartpower
 CVE-2023-6349 (A heap overflow vulnerability exists in libvpx -Encoding a 
frame that  ...)
        - libvpx 1.13.1-2
        NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1642



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa3130557957c9967f43930cd37a074203463f69

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa3130557957c9967f43930cd37a074203463f69
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to