[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Wed Apr 16 22:00:50 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4a492ae5 by Salvatore Bonaccorso at 2025-04-16T23:00:29+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -340,11 +340,11 @@ CVE-2025-27495 (A vulnerability has been identified in TeleControl Server Basic
 CVE-2025-22872 (The tokenizer incorrectly interprets tags with unquoted attribute valu ...)
 	TODO: check
 CVE-2025-20236 (A vulnerability in the custom URL parser of Cisco Webex App could allo ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20178 (A vulnerability in the web-based management interface of Cisco Secure  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20150 (A vulnerability in Cisco Nexus Dashboard could allow an unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-1983 (A cross-site scripting (XSS) vulnerability in Ready_'s File Explorer u ...)
 	TODO: check
 CVE-2025-1982 (Local File Inclusion vulnerability in Ready's attachment upload panel  ...)
@@ -356,17 +356,17 @@ CVE-2025-1980 (The Ready_ application's Profile section allows users to upload f
 CVE-2024-58249 (In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps  ...)
 	TODO: check
 CVE-2024-58248 (nopCommerce before 4.80.0 does not offer locking for order placement.  ...)
-	TODO: check
+	NOT-FOR-US: nopCommerce
 CVE-2024-56736 (Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.  ...)
-	TODO: check
+	NOT-FOR-US: Apache HertzBeat
 CVE-2024-53305 (An issue in the component /models/config.py of Whoogle search v0.9.0 a ...)
-	TODO: check
+	NOT-FOR-US: Whoogle search
 CVE-2024-53304 (An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthen ...)
-	TODO: check
+	NOT-FOR-US: LRQA Nettitude PoshC2
 CVE-2024-53303 (A remote code execution (RCE) vulnerability in the upload_file functio ...)
-	TODO: check
+	NOT-FOR-US: LRQA Nettitude PoshC2
 CVE-2024-52281 (A: Improper Neutralization of Input During Web Page Generation vulnera ...)
-	TODO: check
+	NOT-FOR-US: Rancher
 CVE-2024-46915
 	REJECTED
 CVE-2024-40074 (Sourcecodester Online ID Generator System 1.0 was discovered to contai ...)
@@ -386,9 +386,9 @@ CVE-2024-40068 (Sourcecodester Online ID Generator System 1.0 was discovered to
 CVE-2024-22314 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses we ...)
 	NOT-FOR-US: IBM
 CVE-2024-22036 (A vulnerability has been identified within Rancher where a cluster or  ...)
-	TODO: check
+	NOT-FOR-US: Rancher
 CVE-2023-32197 (A Improper Privilege Management vulnerability in SUSE rancher in RoleT ...)
-	TODO: check
+	NOT-FOR-US: Rancher
 CVE-2025-23138 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/f13abc1e8e1a3b7455511c4e122750127f6bc9b0 (6.15-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a492ae589456545aaf8ebf9a7eea30dd6a17987

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a492ae589456545aaf8ebf9a7eea30dd6a17987
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250416/c0821843/attachment.htm>
