[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 21 20:20:32 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16a1a074 by Salvatore Bonaccorso at 2025-01-21T21:20:11+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,55 +1,55 @@
 CVE-2025-24461 (In JetBrains TeamCity before 2024.12.1 decryption of connection secret ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24460 (In JetBrains TeamCity before 2024.12.1 improper access control allowed ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24459 (In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on t ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24458 (In JetBrains YouTrack before 2024.3.55417 account takeover was possibl ...)
-	TODO: check
+	NOT-FOR-US: JetBrains YouTrack
 CVE-2025-24457 (In JetBrains YouTrack before 2024.3.55417 permanent tokens could be ex ...)
-	TODO: check
+	NOT-FOR-US: JetBrains YouTrack
 CVE-2025-24456 (In JetBrains Hub before 2024.3.55417 privilege escalation was possible ...)
-	TODO: check
+	NOT-FOR-US: JetBrains Hub
 CVE-2025-24024 (Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to ma ...)
-	TODO: check
+	NOT-FOR-US: Mjolnir
 CVE-2025-24020 (WeGIA is a Web manager for charitable institutions. An Open Redirect v ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-24019 (YesWiki is a wiki system written in PHP. In versions up to and includi ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-24018 (YesWiki is a wiki system written in PHP. In versions up to and includi ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-24017 (YesWiki is a wiki system written in PHP. Versions up to and including  ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-24012 (Umbraco is a free and open source .NET content management system. Star ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2025-24011 (Umbraco is a free and open source .NET content management system. Star ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2025-24001 (Cross-Site Request Forgery (CSRF) vulnerability in PPO Vi\u1ec7t Nam ( ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23998 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23997 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23996 (Cross-Site Request Forgery (CSRF) vulnerability in anyroad.com AnyRoad ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23994 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23580 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23551 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23489 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23477 (Missing Authorization vulnerability in Realty Workstation Realty Works ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23461 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23454 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-23369 (An improper verification of cryptographic signature vulnerability was  ...)
 	TODO: check
 CVE-2025-23184 (A potential denial of service vulnerability is present in versions of  ...)
-	TODO: check
+	NOT-FOR-US: Apache CXF
 CVE-2025-23086 (On most desktop platforms, Brave Browser versions 1.70.x-1.73.x includ ...)
 	TODO: check
 CVE-2025-22825 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1a074ba96df94fdff8407ab356a3f55c90b33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1a074ba96df94fdff8407ab356a3f55c90b33
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250121/85aa035b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list