[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 28 21:20:43 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79180192 by Salvatore Bonaccorso at 2025-04-28T22:20:20+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2025-4036 (A vulnerability was found in 201206030 Novel 3.5.0 and classified as c ...)
-	TODO: check
+	NOT-FOR-US: 201206030 Novel
 CVE-2025-4034 (A vulnerability classified as critical was found in projectworlds Onli ...)
 	NOT-FOR-US: Project Worlds
 CVE-2025-4033 (A vulnerability classified as critical has been found in PHPGurukul Ni ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4032 (A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d ...)
-	TODO: check
+	NOT-FOR-US: inclusionAI AWorld
 CVE-2025-4031 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4030 (A vulnerability was found in PHPGurukul COVID19 Testing Management Sys ...)
@@ -25,33 +25,33 @@ CVE-2025-4024 (A vulnerability classified as critical has been found in itsource
 CVE-2025-4023 (A vulnerability was found in itsourcecode Placement Management System  ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-4022 (A vulnerability was found in web-arena-x webarena up to 0.2.0. It has  ...)
-	TODO: check
+	NOT-FOR-US: web-arena-x webarena
 CVE-2025-4021 (A vulnerability was found in code-projects Patient Record Management S ...)
 	NOT-FOR-US: code-projects
 CVE-2025-4020 (A vulnerability was found in PHPGurukul Old Age Home Management System ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4019 (A vulnerability, which was classified as critical, was found in 201206 ...)
-	TODO: check
+	NOT-FOR-US: 20120630 Novel-Plus
 CVE-2025-4018 (A vulnerability, which was classified as critical, has been found in 2 ...)
-	TODO: check
+	NOT-FOR-US: 20120630 Novel-Plus
 CVE-2025-4017 (A vulnerability classified as problematic was found in 20120630 Novel- ...)
-	TODO: check
+	NOT-FOR-US: 20120630 Novel-Plus
 CVE-2025-4016 (A vulnerability classified as critical has been found in 20120630 Nove ...)
-	TODO: check
+	NOT-FOR-US: 20120630 Novel-Plus
 CVE-2025-4015 (A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0 ...)
-	TODO: check
+	NOT-FOR-US: 20120630 Novel-Plus
 CVE-2025-4014 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4013 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4012 (A vulnerability was found in playeduxyz PlayEdu \u5f00\u6e90\u57f9\u8b ...)
-	TODO: check
+	NOT-FOR-US: playeduxyz PlayEdu
 CVE-2025-4011 (A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and  ...)
 	TODO: check
 CVE-2025-46661 (IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Ex ...)
-	TODO: check
+	NOT-FOR-US: IPW Systems Metazo
 CVE-2025-46614 (In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driv ...)
-	TODO: check
+	NOT-FOR-US: Snowflake Connector for ODBC
 CVE-2025-45953 (A vulnerability was found in PHPGurukul Hostel Management System 2.1 i ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-45949 (A critical vulnerability was found in PHPGurukul User Registration & L ...)
@@ -61,9 +61,9 @@ CVE-2025-45947 (An issue in phpgurukul Online Banquet Booking System V1.2 allows
 CVE-2025-43857 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
 	TODO: check
 CVE-2025-43854 (DIFY is an open-source LLM app development platform. Prior to version  ...)
-	TODO: check
+	NOT-FOR-US: Dify
 CVE-2025-42598 (Multiple SEIKO EPSON printer drivers for Windows OS are configured wit ...)
-	TODO: check
+	NOT-FOR-US: EPSON
 CVE-2025-3224 (A vulnerability in the update process of Docker Desktop for Windows ve ...)
 	TODO: check
 CVE-2025-3200 (An unauthenticated remote attacker could exploit the used, insecure TL ...)
@@ -71,11 +71,11 @@ CVE-2025-3200 (An unauthenticated remote attacker could exploit the used, insecu
 CVE-2025-39367 (Missing Authorization vulnerability in SeventhQueen Kleo.This issue af ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-34491 (GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deser ...)
-	TODO: check
+	NOT-FOR-US: GFI MailEssentials
 CVE-2025-34490 (GFI MailEssentials prior to version 21.8 is vulnerable to an XML Exter ...)
-	TODO: check
+	NOT-FOR-US: GFI MailEssentials
 CVE-2025-34489 (GFI MailEssentials prior to version 21.8 is vulnerable to a local priv ...)
-	TODO: check
+	NOT-FOR-US: GFI MailEssentials
 CVE-2025-32472 (The multiScan and picoScan are vulnerable to a denial-of-service (DoS) ...)
 	NOT-FOR-US: SICK AG
 CVE-2025-32471 (The device\u2019s passwords have not been adequately salted, making th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79180192f8d6bd91b5a39c3817f840f61f0a26bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79180192f8d6bd91b5a39c3817f840f61f0a26bb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250428/0cc8b6c5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list