[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 10 11:52:22 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a326392d by Moritz Muehlenhoff at 2025-06-10T12:52:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,9 +41,9 @@ CVE-2025-5899 (A vulnerability classified as critical was found in GNU PSPP 82fb
 CVE-2025-5898 (A vulnerability classified as critical has been found in GNU PSPP 82fb ...)
 	TODO: check
 CVE-2025-5897 (A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been ra ...)
-	TODO: check
+	NOT-FOR-US: vue-cli
 CVE-2025-5896 (A vulnerability was found in tarojs taro up to 4.1.1. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: Taro
 CVE-2025-4954 (The Axle Demo Importer WordPress plugin through 1.0.3 does not validat ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4840 (The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 d ...)
@@ -63,7 +63,7 @@ CVE-2025-49138 (HAX CMS PHP allows users to manage their microsite universe with
 CVE-2025-49137 (HAX CMS PHP allows users to manage their microsite universe with a PHP ...)
 	NOT-FOR-US: HAX CMS PHP
 CVE-2025-49004 (Caido is a web security auditing toolkit. Prior to version 0.48.0, due ...)
-	TODO: check
+	NOT-FOR-US: Caido
 CVE-2025-42998 (The security settings in the SAP Business One Integration Framework ar ...)
 	NOT-FOR-US: SAP
 CVE-2025-42996 (SAP MDM Server allows an attacker to gain control of existing client s ...)
@@ -97,29 +97,29 @@ CVE-2025-3076 (The Elementor Website Builder Pro plugin for WordPress is vulnera
 CVE-2025-31325 (Due to a Cross-Site Scripting vulnerability in SAP NetWeaver (ABAP Key ...)
 	NOT-FOR-US: SAP
 CVE-2025-30515 (CyberData011209 Intercom   could allow an authenticated attacker to up ...)
-	TODO: check
+	NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30507 (CyberData011209 Intercom could allow an unauthenticated user to gather ...)
-	TODO: check
+	NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30184 (CyberData011209 Intercom could allow an unauthenticated user access to ...)
-	TODO: check
+	NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30183 (CyberData011209 Intercom  does not properly store or protect web serve ...)
-	TODO: check
+	NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-27819 (In CVE-2023-25194, we announced the RCE/Denial of service attack via S ...)
-	TODO: check
+	- kafka <itp> (bug #786460)
 CVE-2025-27818 (A possible security vulnerability has been identified in Apache Kafka. ...)
-	TODO: check
+	- kafka <itp> (bug #786460)
 CVE-2025-27817 (A possible arbitrary file read and SSRF vulnerability has been identif ...)
 	TODO: check
 CVE-2025-26468 (CyberData 011209    Intercom exposes features that could allow an unau ...)
-	TODO: check
+	NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-23192 (SAP BusinessObjects Business Intelligence (BI Workspace) allows an una ...)
 	NOT-FOR-US: SAP
 CVE-2025-1041 (An improper input validation discovered in   Avaya Call Management Sys ...)
 	TODO: check
 CVE-2025-0037 (In AMD Versal Adaptive SoC devices, the lack of address validation whe ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-0036 (In AMD Versal Adaptive SoC devices, the incorrect configuration of the ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-55595
 	REJECTED
 CVE-2025-5918 (A vulnerability has been identified in the libarchive library. This fl ...)
@@ -153,9 +153,9 @@ CVE-2025-5890 (A vulnerability classified as problematic has been found in actio
 CVE-2025-5889 (A vulnerability was found in juliangruber brace-expansion up to 1.1.11 ...)
 	TODO: check
 CVE-2025-5888 (A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been dec ...)
-	TODO: check
+	NOT-FOR-US: CaidoWebStack-Guns
 CVE-2025-5887 (A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been cla ...)
-	TODO: check
+	NOT-FOR-US: CaidoWebStack-Guns
 CVE-2025-5886 (A vulnerability was found in Emlog up to 2.5.7 and classified as probl ...)
 	NOT-FOR-US: Emlog
 CVE-2025-5885 (A vulnerability has been found in Konica Minolta bizhub up to 20250202 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a326392d7c23505b0a79c8d9aac2903622b7c716

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a326392d7c23505b0a79c8d9aac2903622b7c716
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250610/c7652726/attachment.htm>

More information about the debian-security-tracker-commits mailing list