[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 12 21:03:45 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af079986 by Salvatore Bonaccorso at 2025-03-12T22:03:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,7 +43,7 @@ CVE-2025-25565 (SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the
 CVE-2025-22954 (Koha <= 21.11 is contains a SQL Injection vulnerability in /serials/la ...)
 	TODO: check
 CVE-2025-21590 (An Improper Isolation or Compartmentalization vulnerability in the ker ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-20209 (A vulnerability in the Internet Key Exchange version 2 (IKEv2) functio ...)
 	TODO: check
 CVE-2025-20177 (A vulnerability in the boot process of Cisco IOS XR Software could all ...)
@@ -71,7 +71,7 @@ CVE-2025-1960 (CWE-1188: Initialization of a Resource with an Insecure Default v
 CVE-2025-1683 (Improper link resolution before file access in the Nomad module of the ...)
 	TODO: check
 CVE-2025-1527 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +2 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0884 (Unquoted Search Path or Element vulnerability in OpenText\u2122 Servic ...)
 	TODO: check
 CVE-2025-0883 (Improper Neutralization of Script in an Error Message Web Page vulnera ...)
@@ -89,7 +89,7 @@ CVE-2025-0115 (A vulnerability in the Palo Alto Networks PAN-OS software enables
 CVE-2025-0114 (A Denial of Service (DoS) vulnerability in the GlobalProtect feature o ...)
 	TODO: check
 CVE-2024-52362 (IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-34398 (An issue was discovered in BMC Remedy Mid Tier 7.6.04. The web applica ...)
 	TODO: check
 CVE-2024-27763 (XPixelGroup BasicSR through 1.4.2 might locally allow code execution i ...)
@@ -103,9 +103,9 @@ CVE-2024-13871 (A command injection vulnerability exists in the /check_image_and
 CVE-2024-13870 (An improper access control vulnerability exists in Bitdefender Box 1 ( ...)
 	TODO: check
 CVE-2024-13446 (The Workreap plugin for WordPress is vulnerable to privilege escalatio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13430 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10838 (An integer underflow during deserialization may allow any unauthentica ...)
 	TODO: check
 CVE-2025-27867 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af07998674643fb36e8a66d055d14dc1838e7cee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af07998674643fb36e8a66d055d14dc1838e7cee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250312/20f88a47/attachment.htm>

More information about the debian-security-tracker-commits mailing list