[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a40223fe by Moritz Muehlenhoff at 2025-07-01T13:34:32+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,11 +101,11 @@ CVE-2025-52491 (Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.)
 CVE-2025-4407 (Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.Th ...)
 	NOT-FOR-US: ABB group
 CVE-2025-49521 (A flaw was found in the EDA component of the Ansible Automation Platfo ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Ansible Automation Platform
 CVE-2025-49520 (A flaw was found in Ansible Automation Platform\u2019s EDA component w ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Ansible Automation Platform
 CVE-2025-49493 (Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion vi ...)
-	TODO: check
+	NOT-FOR-US: Akamai
 CVE-2025-47871 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10. ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2025-46702 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10. ...)
@@ -123,9 +123,9 @@ CVE-2025-40733 (Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expe
 CVE-2025-40732 (user enumeration vulnerability in Daily Expense Manager v1.0. To explo ...)
 	NOT-FOR-US: Daily Expense Manager
 CVE-2025-40731 (SQL injection vulnerability in Daily Expense Manager v1.0. This vulner ...)
-	TODO: check
+	NOT-FOR-US: Daily Expense Manager
 CVE-2025-40710 (Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN cl ...)
-	TODO: check
+	NOT-FOR-US: Hotspot Shield VPN
 CVE-2025-36593 (Dell OpenManage Network Integration, versions prior to 3.8, contains a ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-36056 (IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.1 ...)
@@ -135,9 +135,9 @@ CVE-2025-2895 (IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix
 CVE-2025-2141 (IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.1 ...)
 	NOT-FOR-US: IBM
 CVE-2025-26074 (Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary  ...)
-	TODO: check
+	NOT-FOR-US: Orkes Conductor
 CVE-2024-8419 (The endpoint hosts a script that allows an unauthorized remote attacke ...)
-	TODO: check
+	NOT-FOR-US: ifm Smart PLC AC4xxS Firmware
 CVE-2024-53621 (A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 1 ...)
 	NOT-FOR-US: Tenda
 CVE-2024-49365 (tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version ...)
@@ -145,11 +145,11 @@ CVE-2024-49365 (tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to v
 CVE-2024-49364 (tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version ...)
 	TODO: check
 CVE-2024-46993 (Electron is an open source framework for writing cross-platform deskto ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2024-46992 (Electron is an open source framework for writing cross-platform deskto ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2024-12915 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Devinim Software Library Software
 CVE-2023-47310 (A misconfiguration in the default settings of MikroTik RouterOS 7 and  ...)
 	TODO: check
 CVE-2025-6554 (Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a40223fe8aa2be7e9c35aa43fd1b30f3063d961d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a40223fe8aa2be7e9c35aa43fd1b30f3063d961d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250701/2d066ed5/attachment.htm>