[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 22 09:32:32 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e19477f6 by Salvatore Bonaccorso at 2025-04-22T10:32:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-3856 (A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been cla ...)
-	TODO: check
+	NOT-FOR-US: xxyopen Novel-Plus
 CVE-2025-3855 (A vulnerability was found in CodeCanyon RISE Ultimate Project Manager  ...)
-	TODO: check
+	NOT-FOR-US: CodeCanyon RISE Ultimate Project Manager
 CVE-2025-3854 (A vulnerability, which was classified as critical, was found in H3C GR ...)
-	TODO: check
+	NOT-FOR-US: H3C
 CVE-2025-3850 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: YXJ2018 SpringBoot-Vue-OnlineExam
 CVE-2025-3849 (A vulnerability classified as problematic was found in YXJ2018 SpringB ...)
-	TODO: check
+	NOT-FOR-US: YXJ2018 SpringBoot-Vue-OnlineExam
 CVE-2025-3847 (A vulnerability classified as critical has been found in markparticle  ...)
-	TODO: check
+	NOT-FOR-US: markparticle WebServer
 CVE-2025-3846 (A vulnerability was found in markparticle WebServer up to 1.0. It has  ...)
-	TODO: check
+	NOT-FOR-US: markparticle WebServer
 CVE-2025-3845 (A vulnerability was found in markparticle WebServer up to 1.0. It has  ...)
-	TODO: check
+	NOT-FOR-US: markparticle WebServer
 CVE-2025-3843 (A vulnerability was found in panhainan DS-Java 1.0. It has been classi ...)
-	TODO: check
+	NOT-FOR-US: panhainan DS-Java
 CVE-2025-3842 (A vulnerability was found in panhainan DS-Java 1.0 and classified as c ...)
-	TODO: check
+	NOT-FOR-US: panhainan DS-Java
 CVE-2025-3814 (The Tax Switch for WooCommerce plugin for WordPress is vulnerable to S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-3616 (The Greenshift \u2013 animation and page builder blocks plugin for Wor ...)
@@ -29,7 +29,7 @@ CVE-2025-32958 (Adept is a language for general purpose programming. Prior to co
 CVE-2025-32956 (ManageWiki is a MediaWiki extension allowing users to manage wikis. Ve ...)
 	TODO: check
 CVE-2025-32955 (Harden-Runner is a CI/CD security agent that works like an EDR for Git ...)
-	TODO: check
+	NOT-FOR-US: Harden-Runner
 CVE-2025-2987 (IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side reque ...)
 	NOT-FOR-US: IBM
 CVE-2025-2839 (The WP Import Export Lite plugin for WordPress is vulnerable to Stored ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e19477f6cecef8c7ddbe4349d1d4befe2c8b88f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e19477f6cecef8c7ddbe4349d1d4befe2c8b88f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250422/7c2dafc5/attachment.htm>

More information about the debian-security-tracker-commits mailing list