[Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 10 22:14:19 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e975c342 by Salvatore Bonaccorso at 2025-04-10T23:13:40+02:00
Process two more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -136,7 +136,7 @@ CVE-2025-22279 (Improper Control of Filename for Include/Require Statement in PH
CVE-2025-22232 (Spring Cloud Config Server may not use Vault token sent by clients usi ...)
TODO: check
CVE-2025-1073 (Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may al ...)
- TODO: check
+ NOT-FOR-US: Panasonic
CVE-2023-43037 (IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated ...)
NOT-FOR-US: IBM
CVE-2023-43035 (IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages t ...)
@@ -111359,7 +111359,7 @@ CVE-2024-25704
CVE-2024-25703
REJECTED
CVE-2024-25700 (There is a stored Cross-site Scripting vulnerability in Esri Portal fo ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2024-25699 (There is a difficult to exploit improper authentication issue in the H ...)
NOT-FOR-US: Esri Portal
CVE-2024-25698 (There is a reflected cross site scripting vulnerability in the home ap ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e975c342ce69d3ac497a32460d700fe18858859f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e975c342ce69d3ac497a32460d700fe18858859f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250410/5d8066a4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list