[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for Zyxel

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Mar 11 09:08:07 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
667cc316 by Moritz Muehlenhoff at 2025-03-11T10:07:30+01:00
auto-nfu: Add rule for Zyxel

- - - - -
bd82fc07 by Moritz Muehlenhoff at 2025-03-11T10:07:53+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -149,11 +149,11 @@ CVE-2024-13413 (The ProductDyno plugin for WordPress is vulnerable to Reflected
 CVE-2024-13228 (The Qubely \u2013 Advanced Gutenberg Blocks plugin for WordPress is vu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-12010 (A post-authentication command injection vulnerability in the \u201dzyU ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-12009 (A post-authentication command injection vulnerability in the "ZyEE" fu ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-11253 (A post-authentication command injection vulnerability in the "DNSServe ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2025-1828 (Crypt::Random Perl package 1.05 through 1.55 may use rand() function,  ...)
 	NOT-FOR-US: Crypt-Random Perl module
 	NOTE: https://github.com/perl-Crypt-OpenPGP/Crypt-Random/pull/1


=====================================
data/packages/nfu.yaml
=====================================
@@ -43,6 +43,8 @@
   cna: MediaTek
 - reason: ZTE
   cna: zte
+- reason: Zyxel
+  cna: Zyxel
 # Complex rules (Hint: allOf, anyOf, not)
 - reason: Esri
   allOf:



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fb37a607f7f8e26b516659a7b6df82308ee4add1...bd82fc074e6d9818f20e7761e0a9c86c2b88f5b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fb37a607f7f8e26b516659a7b6df82308ee4add1...bd82fc074e6d9818f20e7761e0a9c86c2b88f5b5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250311/4b79c007/attachment.htm>

More information about the debian-security-tracker-commits mailing list