[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 2 21:33:48 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bed8de7 by Salvatore Bonaccorso at 2025-04-02T22:33:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,15 +25,15 @@ CVE-2025-31721 (A missing permission check in Jenkins 2.503 and earlier, LTS 2.4
 CVE-2025-31720 (A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 a ...)
 	NOT-FOR-US: Jenkins (core or plugin)
 CVE-2025-31286 (An HTML injection vulnerability previously discovered in Trend Vision  ...)
-	TODO: check
+	NOT-FOR-US: Trend Vision One
 CVE-2025-31285 (A broken access control vulnerability previously discovered in the Tre ...)
-	TODO: check
+	NOT-FOR-US: Trend Vision One
 CVE-2025-31284 (A broken access control vulnerability previously discovered in the Tre ...)
-	TODO: check
+	NOT-FOR-US: Trend Vision One
 CVE-2025-31283 (A broken access control vulnerability previously discovered in the Tre ...)
-	TODO: check
+	NOT-FOR-US: Trend Vision One
 CVE-2025-31282 (A broken access control vulnerability previously discovered in the Tre ...)
-	TODO: check
+	NOT-FOR-US: Trend Vision One
 CVE-2025-30090 (mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through ...)
 	TODO: check
 CVE-2025-2842 (A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab ...)
@@ -47,13 +47,13 @@ CVE-2025-2483 (The Gift Certificate Creator plugin for WordPress is vulnerable t
 CVE-2025-2005 (The Front End Users plugin for WordPress is vulnerable to arbitrary fi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-20212 (A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20203 (A vulnerability in the web-based management interface of Cisco Evolved ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20139 (A vulnerability in chat messaging features of Cisco Enterprise Chat an ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20120 (A vulnerability in the web-based management interface of Cisco Evolved ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-0154 (IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive  ...)
 	NOT-FOR-US: IBM
 CVE-2025-0014 (Incorrect default permissions on the AMD Ryzen(TM) AI installation fol ...)
@@ -67,19 +67,19 @@ CVE-2024-56474 (IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cr
 CVE-2024-56341 (IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross ...)
 	NOT-FOR-US: IBM
 CVE-2024-50597 (An integer underflow vulnerability exists in the HTTP server PUT reque ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-50596 (An integer underflow vulnerability exists in the HTTP server PUT reque ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-50595 (An integer underflow vulnerability exists in the HTTP server PUT reque ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-50594 (An integer underflow vulnerability exists in the HTTP server PUT reque ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-50385 (A denial of service vulnerability exists in the NetX Component HTTP se ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-50384 (A denial of service vulnerability exists in the NetX Component HTTP se ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-45064 (A buffer overflow vulnerability exists in the FileX Internal RAM inter ...)
-	TODO: check
+	NOT-FOR-US: STMicroelectronics
 CVE-2024-36337 (Integer overflow within AMD NPU Driver could allow a local attacker to ...)
 	TODO: check
 CVE-2024-36336 (Integer overflow within the AMD NPU Driver could allow a local attacke ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bed8de77c71aad0da6294d2107c72f5645d7d92

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bed8de77c71aad0da6294d2107c72f5645d7d92
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250402/afb28f06/attachment.htm>

More information about the debian-security-tracker-commits mailing list