[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 14 21:14:47 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
251cef69 by Salvatore Bonaccorso at 2025-04-14T22:14:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-3585 (A vulnerability classified as critical has been found in westboy
CVE-2025-3571 (A vulnerability was found in Fannuo Enterprise Content Management Syst ...)
TODO: check
CVE-2025-3570 (A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-3569 (A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1 ...)
TODO: check
CVE-2025-3568 (A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and cl ...)
@@ -55,7 +55,7 @@ CVE-2025-32907 (A flaw was found in libsoup. The implementation of HTTP range re
CVE-2025-32906 (A flaw was found in libsoup, where the soup_headers_parse_request() fu ...)
TODO: check
CVE-2025-2572 (In WhatsUp Gold versions released before 2024.0.3, a database manipu ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-2475 (Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11 ...)
TODO: check
CVE-2025-2424 (Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check i ...)
@@ -67,7 +67,7 @@ CVE-2025-2160 (Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by a
CVE-2025-29720 (Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSR ...)
TODO: check
CVE-2025-27009 (Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22373 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-22372 (Insufficiently Protected Credentials vulnerability in SicommNet BASEC ...)
@@ -77,7 +77,7 @@ CVE-2025-22371 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2025-1782 (In HylaFAX Enterprise Web Interface and AvantFAX, the language form el ...)
TODO: check
CVE-2024-49825 (IBM Robotic Process Automation and Robotic Process Automation for Clou ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-49709 (Internet Starter, one of SoftCOM iKSORIS system modules,allows for set ...)
TODO: check
CVE-2024-49708 (Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251cef6955fe9baa2ae135f9e336a72aa3f4ac6e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/251cef6955fe9baa2ae135f9e336a72aa3f4ac6e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250414/6d1b70cd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list