[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 18 08:37:41 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef2ec974 by Salvatore Bonaccorso at 2025-04-18T09:37:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -451,9 +451,9 @@ CVE-2025-26478 (Dell ECS version 3.8.1.4 and prior contain an Improper Certifica
 CVE-2025-26477 (Dell ECS version 3.8.1.4 and prior contain an Improper Input Validatio ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-26269 (DragonflyDB Dragonfly through 1.28.2 allows authenticated users to cau ...)
-	TODO: check
+	NOT-FOR-US: DragonflyDB Dragonfly
 CVE-2025-26268 (DragonflyDB Dragonfly before 1.27.0 allows authenticated users to caus ...)
-	TODO: check
+	NOT-FOR-US: DragonflyDB Dragonfly
 CVE-2025-25457 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in Adv ...)
 	NOT-FOR-US: Tenda
 CVE-2025-25455 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in Adv ...)
@@ -541,11 +541,11 @@ CVE-2025-1532 (Phoneservice module is affected by code injection vulnerability,
 CVE-2024-56518 (Hazelcast Management Center through 6.0 allows remote code execution v ...)
 	NOT-FOR-US: Hazelcast Management Center
 CVE-2024-55238 (OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can e ...)
-	TODO: check
+	NOT-FOR-US: OpenMetadata
 CVE-2024-55211 (An issue in Think Router Tk-Rt-Wr135G V3.0.2-X000 allows attackers to  ...)
 	NOT-FOR-US: Think Router
 CVE-2024-53924 (Pycel through 1.0b30, when operating on an untrusted spreadsheet, allo ...)
-	TODO: check
+	NOT-FOR-US: Pycel
 CVE-2024-42177 (HCL MyXalytics is affected by SSL\u2215TLS Protocol affected with BREA ...)
 	NOT-FOR-US: HCL
 CVE-2024-40124 (Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via th ...)
@@ -2341,7 +2341,7 @@ CVE-2025-22372 (Insufficiently Protected Credentials vulnerability in SicommNet
 CVE-2025-22371 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: SicommNet BASEC
 CVE-2025-1782 (In HylaFAX Enterprise Web Interface and AvantFAX, the language form el ...)
-	TODO: check
+	NOT-FOR-US: HylaFAX Enterprise Web Interface / AvantFAX
 CVE-2024-49825 (IBM Robotic Process Automation and Robotic Process Automation for Clou ...)
 	NOT-FOR-US: IBM
 CVE-2024-49709 (Internet Starter, one of SoftCOM iKSORIS system modules,allows for set ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2ec97469013c3743dc7f50ceb6f19129138cdb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef2ec97469013c3743dc7f50ceb6f19129138cdb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250418/14c8c390/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list