[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Insyde

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72fb8727 by Moritz Muehlenhoff at 2025-06-11T15:36:52+02:00
auto-nfu: Add Insyde

Total CVEs from Insyde: 2
Total CVEs from Insyde with packages assigned: 0

Scope is: Vulnerabilities in all of Insyde Software’s firmware and
software products, as well as vulnerabilities discovered by Insyde
Software that are not covered by another CNA’s scope.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -22,7 +22,7 @@ CVE-2025-4798 (The WP-DownloadManager plugin for WordPress is vulnerable to arbi
 CVE-2025-4666 (The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4275 (Running the provided utility changes the certificate on any Insyde BIO ...)
-	NOT-FOR-US: Insyde
+	TODO: check
 CVE-2025-49793
 	REJECTED
 CVE-2025-49792


=====================================
data/packages/nfu.yaml
=====================================
@@ -99,6 +99,8 @@
   cna: ibm
 - reason: Imagination Technologies
   cna: imaginationtech
+- reason: Insyde
+  cna: Insyde
 - reason: Ivanti
   cna: ivanti
 - reason: Jenkins (core or plugin)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72fb8727b4f9ba04c20e278cfce7a2dd879c5508

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72fb8727b4f9ba04c20e278cfce7a2dd879c5508
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250611/f3029ad5/attachment-0001.htm>