[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 4 21:02:29 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
761fb7fd by Salvatore Bonaccorso at 2025-12-04T22:02:06+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,15 +53,15 @@ CVE-2025-57210 (Incorrect access control in the component ApiPayController.java
 CVE-2025-56427 (Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remo ...)
 	NOT-FOR-US: ComposioHQ
 CVE-2025-54307 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher Torrent Suite Django application
 CVE-2025-54306 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher Torrent Suite Django application
 CVE-2025-54305 (An issue was discovered in the Thermo Fisher Torrent Suite Django appl ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher Torrent Suite Django application
 CVE-2025-54304 (An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS100 ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher
 CVE-2025-54303 (The Thermo Fisher Torrent Suite Django application 5.18.1 has weak def ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher
 CVE-2025-54160 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
 	NOT-FOR-US: Synology
 CVE-2025-54159 (Missing authorization vulnerability in BeeDrive in Synology BeeDrive f ...)
@@ -69,7 +69,7 @@ CVE-2025-54159 (Missing authorization vulnerability in BeeDrive in Synology BeeD
 CVE-2025-54158 (Missing authentication for critical function vulnerability in BeeDrive ...)
 	NOT-FOR-US: Synology
 CVE-2025-53963 (An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS100 ...)
-	TODO: check
+	NOT-FOR-US: Thermo Fisher
 CVE-2025-41080 (A stored Cross-Site Scripting (XSS) vulnerability has been found in Se ...)
 	TODO: check
 CVE-2025-41079 (A stored Cross-Site Scripting (XSS) vulnerability has been found in Se ...)
@@ -121,7 +121,7 @@ CVE-2025-13488 (Due to a regression introduced in version 3.83.0, a security hea
 CVE-2025-12097 (There is a relative path traversal vulnerability in the NI System Web  ...)
 	NOT-FOR-US: National Instruments
 CVE-2025-11222 (Central Dogma versions before 0.78.0 contain an Open Redirect vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Central Dogma
 CVE-2024-5401 (Improper control of dynamically-managed code resources vulnerability i ...)
 	NOT-FOR-US: Synology
 CVE-2024-45539 (Out-of-bounds write vulnerability in cgi components in Synology DiskSt ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/761fb7fda4e169fe69ee3db05bb242f82d601293

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/761fb7fda4e169fe69ee3db05bb242f82d601293
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251204/f04a9a14/attachment.htm>

More information about the debian-security-tracker-commits mailing list