[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 4 14:35:36 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed06cf79 by Salvatore Bonaccorso at 2025-04-04T15:35:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -106,33 +106,33 @@ CVE-2025-29815 (Use after free in Microsoft Edge (Chromium-based) allows an auth
 CVE-2025-29796 (User interface (ui) misrepresentation of critical information in Micro ...)
 	TODO: check
 CVE-2025-26401 (Weak encoding for password vulnerability exists in HMI ViewJet C-more  ...)
-	TODO: check
+	NOT-FOR-US: HMI ViewJet C-more series
 CVE-2025-25061 (Unintended proxy or intermediary ('Confused Deputy') issue exists in H ...)
-	TODO: check
+	NOT-FOR-US: HMI ViewJet C-more series and HMI GC-A2 series
 CVE-2025-25001 (Improper neutralization of input during web page generation ('cross-si ...)
 	TODO: check
 CVE-2025-25000 (Access of resource using incompatible type ('type confusion') in Micro ...)
 	NOT-FOR-US: Microsoft
 CVE-2025-24317 (Allocation of resources without limits or throttling issue exists in H ...)
-	TODO: check
+	NOT-FOR-US: HMI ViewJet C-more series and HMI GC-A2 series
 CVE-2025-24310 (Improper restriction of rendered UI layers or frames issue exists in H ...)
-	TODO: check
+	NOT-FOR-US: HMI ViewJet C-more series
 CVE-2025-0279 (HCL Traveler generates some error messages that provide detailed infor ...)
 	NOT-FOR-US: HCL
 CVE-2025-0278 (HCL Traveler is affected by an internal path disclosure in a Windows a ...)
 	NOT-FOR-US: HCL
 CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless ...)
-	TODO: check
+	NOT-FOR-US: Snowplow Collector
 CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
-	TODO: check
+	NOT-FOR-US: Iglu Server
 CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to Google Ta ...)
 	TODO: check
 CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
-	TODO: check
+	NOT-FOR-US: Iglu Server
 CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It involves  ...)
-	TODO: check
+	NOT-FOR-US: Enrich
 CVE-2024-47212 (An issue was discovered in Iglu Server 0.13.0 and below. It involves s ...)
-	TODO: check
+	NOT-FOR-US: Iglu Server
 CVE-2024-45199 (insightsoftware Hive JDBC through 2.6.13 has a remote code execution v ...)
 	TODO: check
 CVE-2024-42208 (HCL Connections is vulnerable to an information disclosure vulnerabili ...)
@@ -164,7 +164,7 @@ CVE-2025-3171 (A vulnerability classified as critical was found in Project World
 CVE-2025-3170 (A vulnerability classified as critical has been found in Project World ...)
 	NOT-FOR-US: Project Worlds
 CVE-2025-3169 (A vulnerability was found in Projeqtor up to 12.0.2. It has been rated ...)
-	TODO: check
+	NOT-FOR-US: Projeqtor
 CVE-2025-3168 (A vulnerability was found in PHPGurukul Time Table Generator System 1. ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-3167 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -172,7 +172,7 @@ CVE-2025-3167 (A vulnerability, which was classified as problematic, has been fo
 CVE-2025-3166 (A vulnerability classified as critical was found in code-projects Prod ...)
 	NOT-FOR-US: code-projects
 CVE-2025-3165 (A vulnerability classified as critical has been found in thu-pacman ch ...)
-	TODO: check
+	NOT-FOR-US: thu-pacman chitu
 CVE-2025-3164 (A vulnerability was found in Tencent Music Entertainment SuperSonic up ...)
 	NOT-FOR-US: Tencent Music Entertainment SuperSonic
 CVE-2025-3163 (A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has bee ...)
@@ -195,7 +195,7 @@ CVE-2025-3158 (A vulnerability, which was classified as critical, has been found
 	- assimp <unfixed>
 	NOTE: https://github.com/assimp/assimp/issues/6023
 CVE-2025-3157 (A vulnerability was found in Intelbras WRN 150 1.0.15_pt_ITB01. It has ...)
-	TODO: check
+	NOT-FOR-US: Intelbras WRN
 CVE-2025-3155 (A flaw was found in Yelp. The Gnome user help application allows the h ...)
 	- yelp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2357091



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed06cf7912239cc2565d141d07738a25ad3ef7d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed06cf7912239cc2565d141d07738a25ad3ef7d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250404/018ed63b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list