[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 16 22:06:14 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd5f8a12 by Salvatore Bonaccorso at 2025-06-16T23:05:50+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84,13 +84,13 @@ CVE-2025-48976 (Allocation of resources for multipart headers with insufficient
 CVE-2025-46710 (Possible kernel exceptions caused by reading and writing kernel heap d ...)
 	NOT-FOR-US: Imagination Technologies
 CVE-2025-40729 (Reflected Cross-Site Scripting (XSS) in /customer_support/index.php in ...)
-	TODO: check
+	NOT-FOR-US: Customer Support System
 CVE-2025-40728 (SQL injection vulnerability in Customer Support System v1.0. This vuln ...)
-	TODO: check
+	NOT-FOR-US: Customer Support System
 CVE-2025-40727 (A Reflected Cross Site Scripting (XSS) vulnerability was found in '/se ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Site CMS from Phoenix
 CVE-2025-40726 (Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-re ...)
-	TODO: check
+	NOT-FOR-US: Nosto
 CVE-2025-3602 (Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 throu ...)
 	NOT-FOR-US: Liferay
 CVE-2025-3594 (Path traversal vulnerability with the downloading and installation of  ...)
@@ -102,9 +102,9 @@ CVE-2025-3464 (A race condition vulnerability exists in Armoury Crate. This vuln
 CVE-2025-36632 (In Tenable Agent versions prior to 10.8.5 on a Windows host, it was fo ...)
 	NOT-FOR-US: Tenable
 CVE-2025-32798 (Conda-build contains commands and tools to build conda packages. Prior ...)
-	TODO: check
+	NOT-FOR-US: Conda-build
 CVE-2025-32797 (Conda-build contains commands and tools to build conda packages. Prior ...)
-	TODO: check
+	NOT-FOR-US: Conda-build
 CVE-2025-2327 (A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is lo ...)
 	NOT-FOR-US: Pure Storage
 CVE-2025-2091 (An open redirection vulnerability in M-Files mobile applications for A ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd5f8a12fba93cb291b85bb92c03a96be1278d9c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd5f8a12fba93cb291b85bb92c03a96be1278d9c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250616/a805d5b1/attachment.htm>

More information about the debian-security-tracker-commits mailing list