[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 12 21:49:27 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
21261b5c by Salvatore Bonaccorso at 2025-03-12T22:48:48+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2025-2240 (A flaw was found in Smallrye, where smallrye-fault-tolerance is v
 CVE-2025-2239 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
 	NOT-FOR-US: Hillstone
 CVE-2025-2002 (CWE-532: Insertion of Sensitive Information into Log Files vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2025-29904 (In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible)
 	NOT-FOR-US: JetBrains Ktor
 CVE-2025-29903 (In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library ex ...)
@@ -68,9 +68,9 @@ CVE-2025-20138 (A vulnerability in the CLI of Cisco IOS XR Software could allow
 CVE-2025-20115 (A vulnerability in confederation implementation for the Border Gateway ...)
 	NOT-FOR-US: Cisco
 CVE-2025-1984 (Xerox Desktop Print Experience application contains a Local Privilege  ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2025-1960 (CWE-1188: Initialization of a Resource with an Insecure Default vulner ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2025-1683 (Improper link resolution before file access in the Nomad module of the ...)
 	TODO: check
 CVE-2025-1527 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +2 ...)
@@ -80,7 +80,7 @@ CVE-2025-0884 (Unquoted Search Path or Element vulnerability in OpenText\u2122 S
 CVE-2025-0883 (Improper Neutralization of Script in an Error Message Web Page vulnera ...)
 	TODO: check
 CVE-2025-0813 (CWE-287: Improper Authentication vulnerability exists that could cause ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric
 CVE-2025-0118 (A vulnerability in the Palo Alto Networks GlobalProtect app on Windows ...)
 	TODO: check
 CVE-2025-0117 (A reliance on untrusted input for a security decision in the GlobalPro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21261b5cb8a8412812658caddde197a896a90402

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21261b5cb8a8412812658caddde197a896a90402
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250312/647699b8/attachment.htm>

More information about the debian-security-tracker-commits mailing list