[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Aug 12 09:35:24 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ae08697 by Salvatore Bonaccorso at 2025-08-12T10:35:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -48,15 +48,15 @@ CVE-2025-55157 (Vim is an open source, command line text editor. In versions fro
 CVE-2025-55156 (pyLoad is the free and open-source Download Manager written in pure Py ...)
 	- pyload <itp> (bug #1001980)
 CVE-2025-55151 (Stirling-PDF is a locally hosted web application that performs various ...)
-	TODO: check
+	NOT-FOR-US: Stirling-PDF
 CVE-2025-55150 (Stirling-PDF is a locally hosted web application that performs various ...)
-	TODO: check
+	NOT-FOR-US: Stirling-PDF
 CVE-2025-55012 (Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed ...)
 	TODO: check
 CVE-2025-54992 (OpenKilda is an open-source OpenFlow controller. Prior to version 1.16 ...)
-	TODO: check
+	NOT-FOR-US: OpenKilda
 CVE-2025-54878 (CryptoLib provides a software-only solution using the CCSDS Space Data ...)
-	TODO: check
+	NOT-FOR-US: NASA CryptoLib
 CVE-2025-4390 (The WP Private Content Plus plugin for WordPress is vulnerable to Sens ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-47444 (Insertion of Sensitive Information Into Sent Data vulnerability in Liq ...)
@@ -94,15 +94,15 @@ CVE-2025-42935 (The SAP NetWeaver Application Server ABAP and ABAP Platform Inte
 CVE-2025-42934 (SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attac ...)
 	NOT-FOR-US: SAP
 CVE-2025-41686 (A low-privileged local attacker can exploit improper permissions on ns ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2025-3892 (ACAP applications can be executed with elevated privileges, potentiall ...)
 	NOT-FOR-US: Axis Communication
 CVE-2025-30027 (An ACAP configuration file lacked sufficient input validation, which c ...)
 	NOT-FOR-US: Axis Communication
 CVE-2025-25235 (Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SE ...)
-	TODO: check
+	NOT-FOR-US: Omnissa
 CVE-2024-32640 (MASA CMS is an Enterprise Content Management platform based on open so ...)
-	TODO: check
+	NOT-FOR-US: MASA CMS
 CVE-2025-40920 (Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier  ...)
 	- libcatalyst-authentication-credential-http-perl <unfixed> (bug #1110887)
 	[trixie] - libcatalyst-authentication-credential-http-perl <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ae086973d0d622d4d2170596a0011b5fc36441e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ae086973d0d622d4d2170596a0011b5fc36441e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250812/362d0f9a/attachment.htm>
