[Git][security-tracker-team/security-tracker][master] drop NFU for rejected issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aee6ada3 by Moritz Muehlenhoff at 2025-08-12T08:23:11+02:00
drop NFU for rejected issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4414,7 +4414,6 @@ CVE-2025-8058 (The regcomp function in the GNU C library version from 2.4 to 2.4
 	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=7ea06e994093fa0bcca0d0ee2c1db271d8d7885d
 CVE-2025-8022
 	REJECTED
-	NOT-FOR-US: bun
 CVE-2025-8021 (All versions of the package files-bucket-server are vulnerable to Dire ...)
 	NOT-FOR-US: files-bucket-server Node.js module
 CVE-2025-8020 (All versions of the package private-ip are vulnerable to Server-Side R ...)
@@ -6042,16 +6041,16 @@ CVE-2024-42209 (HCL Connections is vulnerable to an information disclosure vulne
 	NOT-FOR-US: HCL
 CVE-2024-41921 (A code injection vulnerability has been discovered in the Robot Operat ...)
 	- ros-ros-comm <unfixed> (bug #1110773; unimportant)
-	NOTE: Negligible security impact
+	NOTE: Bogus report, all input to eval comes from trusted input
 CVE-2024-41148 (A code injection vulnerability has been discovered in the Robot Operat ...)
 	- ros-ros-comm <unfixed> (bug #1110773; unimportant)
-	NOTE: Negligible security impact
+	NOTE: Bogus report, all input to eval comes from trusted input
 CVE-2024-39835 (A code injection vulnerability has been identified in the Robot Operat ...)
 	- ros-ros-comm <unfixed> (bug #1110773; unimportant)
-	NOTE: Negligible security impact
+	NOTE: Bogus report, all input to eval comes from trusted input
 CVE-2024-39289 (A code execution vulnerability has been discovered in the Robot Operat ...)
 	- ros-ros-comm <unfixed> (bug #1110773; unimportant)
-	NOTE: Negligible security impact
+	NOTE: Bogus report, all input to eval comes from trusted input
 CVE-2024-32323 (SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a ...)
 	NOT-FOR-US: cnhcit.com Haichang OA
 CVE-2024-32124 (An improper access control vulnerability [CWE-284] in FortiIsolator ve ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aee6ada36a9c843ba745454835094e7715a3b12e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aee6ada36a9c843ba745454835094e7715a3b12e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250812/c1e770ed/attachment.htm>