[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 15 21:22:46 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc393831 by Salvatore Bonaccorso at 2025-04-15T22:22:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,19 +6,19 @@ CVE-2025-3608 (A race condition existed in nsHttpTransaction that could have bee
 	- firefox <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-25/#CVE-2025-3608
 CVE-2025-3579 (In versions prior to Aidex 1.7, an authenticated malicious user, takin ...)
-	TODO: check
+	NOT-FOR-US: Aidex
 CVE-2025-3578 (A malicious, authenticated user in Aidex, versions prior to 1.7, could ...)
-	TODO: check
+	NOT-FOR-US: Aidex
 CVE-2025-3575 (Insecure Direct Object Reference vulnerability in Deporsite from T-INN ...)
-	TODO: check
+	NOT-FOR-US: Deporsite T-INNOVA
 CVE-2025-3574 (Insecure Direct Object Reference vulnerability in Deporsite from T-INN ...)
-	TODO: check
+	NOT-FOR-US: Deporsite T-INNOVA
 CVE-2025-33028 (In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WinZip
 CVE-2025-33027 (In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass  ...)
-	TODO: check
+	NOT-FOR-US: Bandisoft Bandizip
 CVE-2025-33026 (In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: PeaZip
 CVE-2025-32949 (This vulnerability allows any authenticated user to cause the server t ...)
 	TODO: check
 CVE-2025-32948 (The vulnerability allows any attacker to cause the PeerTube server to  ...)
@@ -36,9 +36,9 @@ CVE-2025-32943 (The vulnerability allows any authenticated user to leak the cont
 CVE-2025-32929 (Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32780 (BleachBit cleans files to free disk space and to maintain privacy. Ble ...)
-	TODO: check
+	NOT-FOR-US: BleachBit
 CVE-2025-32779 (E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect  ...)
-	TODO: check
+	NOT-FOR-US: E.D.D.I (Enhanced Dialog Driven Interface) middleware
 CVE-2025-32776 (OpenRazer is an open source driver and user-space daemon to control Ra ...)
 	TODO: check
 CVE-2025-32445 (Argo Events is an event-driven workflow automation framework for Kuber ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc393831f4022c40c65645114834fb704fa297a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc393831f4022c40c65645114834fb704fa297a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250415/1754150f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list