[Git][security-tracker-team/security-tracker][master] auto-nfu: Add B.Braun

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Jun 7 22:01:48 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cab64509 by Moritz Mühlenhoff at 2025-06-07T23:01:10+02:00
auto-nfu: Add B.Braun

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,13 +15,13 @@ CVE-2025-5528 (The Social Sharing Plugin \u2013 Sassy Social Share plugin for Wo
 CVE-2025-5303 (The LTL Freight Quotes \u2013 Freightview Edition, LTL Freight Quotes  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-49619 (Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models ...)
-	TODO: check
+	NOT-FOR-US: Skyvern
 CVE-2024-9994 (The Essential Addons for Elementor \u2013 Best Elementor Addon, Templa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9993 (The Essential Addons for Elementor \u2013 Best Elementor Addon, Templa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-55585 (In the moPS App through 1.8.618, all users can access administrative A ...)
-	TODO: check
+	NOT-FOR-US: moPS app
 CVE-2025-5814 (The Profiler \u2013 What Slowing Down Your WP plugin for WordPress is  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-49128 (Jackson-core contains core low-level incremental ("streaming") parser  ...)
@@ -341,11 +341,11 @@ CVE-2025-41360 (Uncontrolled resource consumption vulnerability in IDF v0.10.0-0
 CVE-2025-3485 (Allegra extractFileFromZip Directory Traversal Remote Code Execution V ...)
 	NOT-FOR-US: Allegra
 CVE-2025-3365 (A missing protection against path traversal allows to access any file  ...)
-	TODO: check
+	NOT-FOR-US: B. Braun
 CVE-2025-3322 (An improper neutralization of inputs used in expression language allow ...)
-	TODO: check
+	NOT-FOR-US: B. Braun
 CVE-2025-3321 (A predefined administrative account is not documented and cannot be de ...)
-	TODO: check
+	NOT-FOR-US: B. Braun
 CVE-2025-39358 (Deserialization of Untrusted Data vulnerability in Teastudio.Pl WP Pos ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-33035 (A path traversal vulnerability has been reported to affect File Statio ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -25,6 +25,8 @@
   cna: autodesk
 - reason: Axis Communication
   cna: Axis
+- reason: B. Braun
+  cna: B.Braun
 - reason: BeyondTrust
   cna: BT
 - reason: Bitdefender



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cab6450942c6c867048cf28aeadf246050d2f722

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cab6450942c6c867048cf28aeadf246050d2f722
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/c5fdaef6/attachment.htm>

More information about the debian-security-tracker-commits mailing list