[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 26 21:28:08 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30b1020d by Salvatore Bonaccorso at 2025-02-26T22:25:35+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,7 +59,7 @@ CVE-2025-1726 (There is a SQL injection issuein Esri ArcGIS Monitor versions 202
 CVE-2025-1716 (picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An  ...)
 	TODO: check
 CVE-2025-1517 (The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data T ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1249 (Missing Authorization vulnerability in Pixelite Events Manager allows  ...)
 	TODO: check
 CVE-2025-0941 (MET ONE 3400+ instruments running software v1.0.41 can, under rare con ...)
@@ -69,7 +69,7 @@ CVE-2025-0731 (An unauthenticated remote attacker can upload a .aspx file instea
 CVE-2025-0719 (IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to  ...)
 	TODO: check
 CVE-2024-6810 (The Quiz Organizer plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-53427 (jq v1.7.1 contains a stack-buffer-overflow in the decNumberCopy functi ...)
 	TODO: check
 CVE-2024-52925 (In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution ca ...)
@@ -81,7 +81,7 @@ CVE-2024-47051 (This advisory addresses two critical security vulnerabilities pr
 CVE-2024-46226 (A stored cross site scripting (XSS) vulnerability in HelpDeskZ < v2.0. ...)
 	TODO: check
 CVE-2024-13560 (The Subscriptions & Memberships for PayPal plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8186
 	- gitlab <unfixed>
 CVE-2025-0555



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30b1020dfdbc99dc159ad8c23b8b0ffc46024c16

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30b1020dfdbc99dc159ad8c23b8b0ffc46024c16
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250226/c01c23ef/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list