[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Apr 27 16:49:33 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d4f70bd2 by Salvatore Bonaccorso at 2025-04-27T17:49:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2025-46673 (NASA CryptoLib before 1.3.2 does not check whether the SA is in
 CVE-2025-46672 (NASA CryptoLib before 1.3.2 does not check the OTAR crypto function re ...)
 	NOT-FOR-US: NASA CryptoLib
 CVE-2025-46656 (python-markdownify (aka markdownify) before 0.14.1 allows large headli ...)
-	TODO: check
+	NOT-FOR-US: python-markdownify (aka markdownify)
 CVE-2025-46655 (CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS  ...)
-	TODO: check
+	NOT-FOR-US: CodiMD
 CVE-2025-46654 (CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS  ...)
-	TODO: check
+	NOT-FOR-US: CodiMD
 CVE-2025-46653 (Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies ...)
 	TODO: check
 CVE-2025-46580 (There is a code-related vulnerability in the GoldenDB database product ...)
@@ -41,17 +41,17 @@ CVE-2025-3959 (A vulnerability was found in withstars Books-Management-System 1.
 CVE-2025-3958 (A vulnerability was found in withstars Books-Management-System 1.0. It ...)
 	NOT-FOR-US: withstars Books-Management-System
 CVE-2025-3957 (A vulnerability was found in opplus springboot-admin 1.0 and classifie ...)
-	TODO: check
+	NOT-FOR-US: opplus springboot-admin
 CVE-2025-3956 (A vulnerability has been found in 201206030 novel-cloud 1.4.0 and clas ...)
-	TODO: check
+	NOT-FOR-US: novel-cloud
 CVE-2025-3955 (A vulnerability, which was classified as critical, was found in codepr ...)
 	NOT-FOR-US: code-projects
 CVE-2025-3954 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: ChurchCRM
 CVE-2024-52888 (For an authenticated end-user the portal may run a script while attemp ...)
-	TODO: check
+	NOT-FOR-US: Checkpoint
 CVE-2024-52887 (Authenticated end-user may set a specially crafted SNX bookmark that c ...)
-	TODO: check
+	NOT-FOR-US: Checkpoint
 CVE-2025-46652 (In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. ...)
 	NOT-FOR-US: IZArc
 CVE-2025-46646 (In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f70bd2c3d88d8027b5919c75dbef5b1fe777ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f70bd2c3d88d8027b5919c75dbef5b1fe777ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250427/8b48a3f1/attachment.htm>

More information about the debian-security-tracker-commits mailing list