[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jan 31 09:16:35 GMT 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ddcb7b9 by Moritz Muehlenhoff at 2025-01-31T10:15:43+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -525,7 +525,7 @@ CVE-2025-24482 (A Local Code Injection Vulnerability exists in the product and v
 CVE-2025-24481 (An Incorrect Permission Assignment Vulnerability exists in the product ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2025-23362 (The old versions of EXIF Viewer Classic contain a cross-site scripting ...)
-	TODO: check
+	NOT-FOR-US: EXIF Viewer Classic
 CVE-2025-22917 (A reflected cross-site scripting (XSS) vulnerability in Audemium ERP < ...)
 	NOT-FOR-US: Audemium ERP
 CVE-2025-0806 (A vulnerability was found in code-projects Job Recruitment 1.0. It has ...)
@@ -639,7 +639,7 @@ CVE-2025-0065 (Improper Neutralization of Argument Delimiters in the TeamViewer_
 CVE-2024-8401 (CWE-79: Improper Neutralization of Input During Web Page Generation (\ ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2024-7881 (An unprivileged context can trigger a data memory-dependent prefetch e ...)
-	TODO: check
+	NOT-FOR-US: Arm
 CVE-2024-6351 (A malformed packet can cause a buffer overflow in the NWK/APS layer of ...)
 	NOT-FOR-US: Ember ZNet
 CVE-2024-40677 (In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is  ...)
@@ -3549,7 +3549,6 @@ CVE-2025-23207 (KaTeX is a fast, easy-to-use JavaScript library for TeX math ren
 	[bullseye] - node-katex <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546
 	NOTE: https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c (v0.16.21)
-	TODO: check embeded code copy
 CVE-2025-23206 (The AWS Cloud Development Kit (AWS CDK) is an open-source software dev ...)
 	NOT-FOR-US: AWS Cloud Development Kit (AWS CDK)
 CVE-2025-23205 (nbgrader is a system for assigning and grading notebooks. Enabling fra ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ddcb7b95efcf17a8ae63aed20f25be64a9ee576

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ddcb7b95efcf17a8ae63aed20f25be64a9ee576
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250131/9fda60aa/attachment.htm>


More information about the debian-security-tracker-commits mailing list