[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for HCL

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0efed0b2 by Moritz Muehlenhoff at 2025-03-13T22:49:29+01:00
auto-nfu: Add rule for HCL

- - - - -
9e502d5f by Moritz Muehlenhoff at 2025-03-13T22:52:41+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -93,7 +93,7 @@ CVE-2025-27496 (Snowflake, a platform for using artificial intelligence in the c
 CVE-2025-27138 (DataEase is an open source business intelligence and data visualizatio ...)
 	NOT-FOR-US: DataEase
 CVE-2025-27107 (Integrated Scripting is a tool for creating scripts for handling compl ...)
-	TODO: check
+	NOT-FOR-US: Integrated Scripting
 CVE-2025-27103 (DataEase is an open source business intelligence and data visualizatio ...)
 	NOT-FOR-US: DataEase
 CVE-2025-25625 (FS Inc S3150 8T2F Switch s3150-8t2f-switch-fsos-220d_118101 has a stor ...)
@@ -139,21 +139,21 @@ CVE-2025-1428 (A maliciously crafted CATPART file, when parsed through Autodesk
 CVE-2025-1427 (A maliciously crafted CATPRODUCT file, when parsed through Autodesk Au ...)
 	NOT-FOR-US: Autodesk
 CVE-2024-57348 (Cross Site Scripting vulnerability in PecanProject pecan through v.1.8 ...)
-	TODO: check
+	NOT-FOR-US: PecanProject
 CVE-2024-57062 (An issue in SoundCloud IOS application v.7.65.2 allows a local attacke ...)
-	TODO: check
+	NOT-FOR-US: SoundCloud IOS app
 CVE-2024-55198 (User Enumeration via Discrepancies in Error Messages in the Celk Siste ...)
-	TODO: check
+	NOT-FOR-US: Celk Sistemas Celk Saude
 CVE-2024-53406 (Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulti ...)
-	TODO: check
+	NOT-FOR-US: Espressif Esp idf
 CVE-2024-30143 (HCL AppScan Traffic Recorder fails to adequately neutralize special ch ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-28803 (Cross-site scripting (XSS) vulnerability in Italtel S.p.A. i-MCS NFV v ...)
-	TODO: check
+	NOT-FOR-US: Italtel
 CVE-2024-22880 (Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0. ...)
-	TODO: check
+	NOT-FOR-US: Zadarma
 CVE-2024-12858 (Delta Electronics CNCSoft-G2 Version 2.1.0.16 and prior lacks proper   ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2024-10942 (The All-in-One WP Migration and Backup plugin for WordPress is vulnera ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2271 (A vulnerability exists in Issuetrak v17.2.2 and prior that allows a lo ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -27,6 +27,8 @@
   cna: Gallagher
 - reason: Google devices
   cna: Google_Devices
+- reason: HCL
+  cna: HCL
 - reason: Huawei
   cna: huawei
 - reason: IBM



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33a69ab1fae1e266b880739e001d6f952513c3e2...9e502d5fc4e892849a866569dbd3f8e1d6d85d1d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33a69ab1fae1e266b880739e001d6f952513c3e2...9e502d5fc4e892849a866569dbd3f8e1d6d85d1d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250313/88fe2afd/attachment.htm>