[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Mar 16 08:17:59 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d30e511 by Salvatore Bonaccorso at 2025-03-16T09:17:35+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,65 +9,65 @@ CVE-2025-2335 (A vulnerability classified as problematic was found in Drivin Sol
 CVE-2025-2334 (A vulnerability classified as problematic has been found in 274056675  ...)
 	TODO: check
 CVE-2025-27281 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26978 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26976 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26972 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26969 (Missing Authorization vulnerability in Aldo Latino PrivateContent. Thi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26961 (Missing Authorization vulnerability in NotFound Fresh Framework allows ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26940 (Path Traversal vulnerability in NotFound Pie Register Premium. This is ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26924 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26921 (Deserialization of Untrusted Data vulnerability in magepeopleteam Book ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26899 (Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Reco ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26895 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26886 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26875 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26554 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26553 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26548 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-24856 (An issue was discovered in the oidc (aka OpenID Connect Authentication ...)
 	TODO: check
 CVE-2025-23744 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-1624 (The GDPR Cookie Compliance  WordPress plugin before 4.15.9 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1623 (The GDPR Cookie Compliance  WordPress plugin before 4.15.9 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1622 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1621 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1620 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1619 (The GDPR Cookie Compliance  WordPress plugin before 4.15.7 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0524
 	REJECTED
 CVE-2024-58103 (Square Wire before 5.2.0 does not enforce a recursion limit on nested  ...)
 	TODO: check
 CVE-2024-13602 (The Poll Maker  WordPress plugin before 5.5.4 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13126 (The Download Manager WordPress plugin before 3.3.07 doesn't prevent di ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-49737 (In X.Org X server 20.11 through 21.1.16, when a client application use ...)
 	TODO: check
 CVE-2025-2333



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d30e5110a4917c7a066fb3b71da08192190c286

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d30e5110a4917c7a066fb3b71da08192190c286
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250316/7ea8a8bc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list