[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Mar 12 12:57:03 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e43440ba by Moritz Muehlenhoff at 2025-03-12T13:56:46+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -93,7 +93,7 @@ CVE-2024-58088 [bpf: Fix deadlock when freeing cgroup storage]
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/c78f4afbd962f43a3989f45f3ca04300252b19b5 (6.14-rc4)
 CVE-2025-2233 (Samsung SmartThings Improper Verification of Cryptographic Signature A ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-2220 (A vulnerability was found in Odyssey CMS up to 10.34. It has been clas ...)
 	NOT-FOR-US: Odyssey CMS
 CVE-2025-2219 (A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and cla ...)
@@ -661,13 +661,13 @@ CVE-2024-52960 (A client-side enforcement of server-side security vulnerability
 CVE-2024-52285 (A vulnerability has been identified in SiPass integrated AC5102 (ACC-G ...)
 	NOT-FOR-US: Siemens
 CVE-2024-51322 (Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 al ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti Ad Hoc Infinity
 CVE-2024-51321 (In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL para ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti Ad Hoc Infinity
 CVE-2024-51320 (Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 al ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti Ad Hoc Infinity
 CVE-2024-51319 (A local file include vulnerability in the /servlet/Report of Zucchetti ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti Ad Hoc Infinity
 CVE-2024-46663 (A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail  ...)
 	NOT-FOR-US: Fortinet
 CVE-2024-45328 (An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4 ...)
@@ -679,7 +679,7 @@ CVE-2024-33501 (Two improper neutralization of special elements used in an SQL C
 CVE-2024-32123 (Multiple improper neutralization of special elements used in an os com ...)
 	NOT-FOR-US: Fortinet
 CVE-2024-28607 (The ip-utils package through 2.4.0 for Node.js might allow SSRF becaus ...)
-	TODO: check
+	NOT-FOR-US: Node ip-utils
 CVE-2024-12546 (EDK2 contains a vulnerability in BIOS where a user may cause an Intege ...)
 	TODO: check
 CVE-2023-48790 (A cross site request forgery vulnerability [CWE-352] in Fortinet Forti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e43440baa2a4c5e685d4fe45fc2d538bc7055d08

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e43440baa2a4c5e685d4fe45fc2d538bc7055d08
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250312/349772e4/attachment.htm>

More information about the debian-security-tracker-commits mailing list