[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 19 22:04:39 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb68fa8b by Salvatore Bonaccorso at 2025-06-19T23:04:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2025-6273 (A vulnerability was found in WebAssembly wabt up to 1.0.37 and cl
 	NOTE: Crash in CLI tool, no security impact
 	NOTE: https://github.com/WebAssembly/wabt/issues/2574
 CVE-2025-6272 (A vulnerability has been found in wasm3 0.5.0 and classified as proble ...)
-	TODO: check
+	NOT-FOR-US: wasm3
 CVE-2025-6271 (A vulnerability, which was classified as problematic, was found in swf ...)
 	TODO: check
 CVE-2025-6270 (A vulnerability, which was classified as critical, has been found in H ...)
@@ -35,11 +35,11 @@ CVE-2025-52464 (Meshtastic is an open source mesh networking solution. In versio
 CVE-2025-50200 (RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and p ...)
 	TODO: check
 CVE-2025-4738 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Yirmibes Software MY ERP
 CVE-2025-49014 (jq is a command-line JSON processor. In version 1.8.0 a heap use after ...)
 	TODO: check
 CVE-2025-48886 (Hydra is a layer-two scalability solution for Cardano. Prior to versio ...)
-	TODO: check
+	NOT-FOR-US: Hydra
 CVE-2025-36050 (IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially ...)
 	NOT-FOR-US: IBM
 CVE-2025-33121 (IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12  is vulnerable to  ...)
@@ -47,7 +47,7 @@ CVE-2025-33121 (IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12  is vulnerab
 CVE-2025-33117 (IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12  could allow a pri ...)
 	NOT-FOR-US: IBM
 CVE-2024-24916 (Untrusted DLLs in the installer's directory may be loaded and executed ...)
-	TODO: check
+	NOT-FOR-US: Checkpoint
 CVE-2025-6201 (The Pixel Manager for WooCommerce \u2013 Track Conversions and Analyti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-5524 (The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb68fa8b67dcc63ac85537d98e4d2349bf34130e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb68fa8b67dcc63ac85537d98e4d2349bf34130e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250619/469bbc03/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list