[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Apr 9 09:55:11 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
90bb549a by Salvatore Bonaccorso at 2025-04-09T10:54:46+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2025-3442 (This vulnerability exists in TP-Link TapoH200 V1  IoT Smart Hub due to ...)
 	TODO: check
 CVE-2025-3100 (The WP Project Manager \u2013 Task, team, and project management plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-32464 (HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a s ...)
 	TODO: check
 CVE-2025-32461 (wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in ...)
 	TODO: check
 CVE-2025-30294 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30293 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30292 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30290 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30289 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30288 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30287 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30284 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30282 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-30281 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-29988 (Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulne ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-27192 (Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4. ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27191 (Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4. ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27190 (Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4. ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27189 (Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4. ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27188 (Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4. ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-25013 (Improper restriction of environment variables in Elastic Defend can le ...)
 	TODO: check
 CVE-2025-24447 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24446 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-20952 (Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2024-8243 (The WordPress/Plugin Upgrade Time Out Plugin WordPress plugin through  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6860 (The WP MultiTasking  WordPress plugin through 0.1.12 does not have CSR ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6857 (The WP MultiTasking  WordPress plugin through 0.1.12 does not have CSR ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-55354 (Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can  ...)
 	TODO: check
 CVE-2024-12556 (Prototype Pollution in Kibana can lead to code injection via unrestric ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90bb549ac76652fee1abf6da6b90afe880679c0f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90bb549ac76652fee1abf6da6b90afe880679c0f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250409/0470f0cf/attachment.htm>
