[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 4 09:14:37 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2d9ab357 by Salvatore Bonaccorso at 2025-04-04T10:14:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2025-3220 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3219 (A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been  ...)
 	TODO: check
 CVE-2025-3217 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3216 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3215 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3214 (A vulnerability has been found in JFinal CMS up to 5.2.4 and classifie ...)
 	TODO: check
 CVE-2025-3213 (A vulnerability classified as critical was found in PHPGurukul e-Diary ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3211 (A vulnerability classified as critical has been found in code-projects ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3210 (A vulnerability was found in code-projects Patient Record Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3209 (A vulnerability was found in code-projects Patient Record Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3208 (A vulnerability was found in code-projects Patient Record Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3207 (A vulnerability was found in code-projects Patient Record Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3206 (A vulnerability has been found in code-projects Hospital Management Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-3205 (A vulnerability, which was classified as critical, was found in CodeAs ...)
 	TODO: check
 CVE-2025-3204 (A vulnerability, which was classified as critical, has been found in C ...)
 	TODO: check
 CVE-2025-3203 (A vulnerability classified as problematic was found in Tenda W18E 16.0 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-3202 (A vulnerability classified as critical has been found in ageerle ruoyi ...)
 	TODO: check
 CVE-2025-3199 (A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classifi ...)
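
Review bot: The NOT-FOR-US reason in this hunk is vendor-only ("PHPGurukul", "code-projects", "Tenda"), and at CVE-2025-3215 it covers a different PHPGurukul product (Restaurant Table Booking System) than the e-Diary Management System entries around it. That works as a triage label, but the commit message "Process some NFUs" does not say which vendors were swept; listing them there would make it easier to see later why CVE-2025-3219, CVE-2025-3214, CVE-2025-3205 and CVE-2025-3204 in the same range were left at "TODO: check".
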
@@ -49,9 +49,9 @@ CVE-2025-3192 (Versions of the package spatie/browsershot from 0.0.0 are vulnera
 CVE-2025-3191 (All versions of the package react-draft-wysiwyg are vulnerable to Cros ...)
 	TODO: check
 CVE-2025-3188 (A vulnerability classified as critical has been found in PHPGurukul e- ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3187 (A vulnerability was found in PHPGurukul e-Diary Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-3186 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
 	TODO: check
 CVE-2025-3185 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
@@ -71,7 +71,7 @@ CVE-2025-3179 (A vulnerability classified as critical has been found in projectw
 CVE-2025-3178 (A vulnerability was found in projectworlds Online Doctor Appointment B ...)
 	TODO: check
 CVE-2025-3105 (The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3087 (Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 a ...)
 	TODO: check
 CVE-2025-3086 (Improper isolation of users in M-Files Server version before 25.3.1454 ...)
@@ -81,23 +81,23 @@ CVE-2025-32111 (The Docker image from acme.sh before 40b6db6 is based on a .gith
 CVE-2025-30370 (jupyterlab-git is a JupyterLab extension for version control using Git ...)
 	TODO: check
 CVE-2025-2836 (The RegistrationMagic \u2013 Custom Registration Forms, User Registrat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2797 (The Woffice Core plugin for WordPress is vulnerable to Cross-Site Requ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2780 (The Woffice Core plugin for WordPress, used by the Woffice Theme, is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2317 (The Product Filter by WBW plugin for WordPress is vulnerable to time-b ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2279 (The Maps  WordPress plugin through 1.0.6 does not validate and escape  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2270 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2159 (Stored XSS in Desktop UI in M-Files Server Admin tool before version 2 ...)
 	TODO: check
 CVE-2025-2075 (The Uncanny Automator \u2013 Easy Automation, Integration, Webhooks &  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-29815 (Use after free in Microsoft Edge (Chromium-based) allows an authorized ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-29796 (User interface (ui) misrepresentation of critical information in Micro ...)
 	TODO: check
 CVE-2025-26401 (Weak encoding for password vulnerability exists in HMI ViewJet C-more  ...)
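
Review bot: CVE-2025-29815 is marked "NOT-FOR-US: Microsoft", but its description reads "Use after free in Microsoft Edge (Chromium-based)", so it is worth confirming that the flaw sits in Edge-specific code and is not inherited from upstream Chromium, which Debian packages as chromium. If the advisory ties it to an upstream Chromium fix, the entry should track that package instead. CVE-2025-29796 just below, whose description is cut at "Micro ...", stays at "TODO: check" and would need the same check when it is triaged.
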
@@ -107,15 +107,15 @@ CVE-2025-25061 (Unintended proxy or intermediary ('Confused Deputy') issue exist
 CVE-2025-25001 (Improper neutralization of input during web page generation ('cross-si ...)
 	TODO: check
 CVE-2025-25000 (Access of resource using incompatible type ('type confusion') in Micro ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-24317 (Allocation of resources without limits or throttling issue exists in H ...)
 	TODO: check
 CVE-2025-24310 (Improper restriction of rendered UI layers or frames issue exists in H ...)
 	TODO: check
 CVE-2025-0279 (HCL Traveler generates some error messages that provide detailed infor ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2025-0278 (HCL Traveler is affected by an internal path disclosure in a Windows a ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless ...)
 	TODO: check
 CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
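
Review bot: For CVE-2025-25000 the list line is truncated at "in Micro ...", so the "NOT-FOR-US: Microsoft" label cannot be confirmed from this hunk alone; a type confusion in a Chromium-based product would call for checking the upstream component before marking it NFU. The two HCL Traveler entries (CVE-2025-0279, CVE-2025-0278) match their descriptions.
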
@@ -131,15 +131,15 @@ CVE-2024-47212 (An issue was discovered in Iglu Server 0.13.0 and below. It invo
 CVE-2024-45199 (insightsoftware Hive JDBC through 2.6.13 has a remote code execution v ...)
 	TODO: check
 CVE-2024-42208 (HCL Connections is vulnerable to an information disclosure vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-13898 (The Simple Banner \u2013 Easily add multiple Banners/Bars/Notification ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13744 (The Booster for WooCommerce plugin for WordPress is vulnerable to arbi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13708 (The Booster for WooCommerce plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13645 (The tagDiv Composer plugin for WordPress is vulnerable to PHP Object I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3190
 	REJECTED
 CVE-2025-3177 (A vulnerability was found in FastCMS 0.1.5. It has been declared as cr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d9ab357ec3fa90f5742c21268a27a094e0dc31e
