[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a527038 by Salvatore Bonaccorso at 2025-03-18T21:56:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,9 +50,9 @@ CVE-2025-2487 (A flaw was found in the 389-ds-base LDAP Server. This issue occur
 	- 389-ds-base <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2353071
 CVE-2025-2450 (NI Vision Builder AI VBAI File Processing Missing Warning Remote Code  ...)
-	TODO: check
+	NOT-FOR-US: NI
 CVE-2025-2449 (NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code  ...)
-	TODO: check
+	NOT-FOR-US: NI
 CVE-2025-29930 (imFAQ is an advanced questions and answers management system for Impre ...)
 	NOT-FOR-US: ImpressCMS
 CVE-2025-29907 (jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.1, use ...)
@@ -94,19 +94,19 @@ CVE-2025-24801 (GLPI is a free asset and IT management software package. An auth
 CVE-2025-24799 (GLPI is a free asset and IT management software package. An unauthenti ...)
 	TODO: check
 CVE-2025-24306 (Improper neutralization of special elements used in an OS command ('OS ...)
-	TODO: check
+	NOT-FOR-US: +F FS010M
 CVE-2025-21619 (GLPI is a free asset and IT management software package. An administra ...)
 	TODO: check
 CVE-2025-1468 (An unauthenticated remote attacker can gain access to sensitive inform ...)
-	TODO: check
+	NOT-FOR-US: CODESYS OPC UA Server
 CVE-2025-0694 (Insufficient path validation in CODESYS Control allows low privileged  ...)
-	TODO: check
+	NOT-FOR-US: CODESYS
 CVE-2024-8997 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Vestel EVC04 Configuration Interface
 CVE-2024-57170 (SOPlanning 1.53.00 is vulnerable to a directory traversal issue in /pr ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2024-57169 (A file upload bypass vulnerability exists in SOPlanning 1.53.00, speci ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2024-56347 (IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could  ...)
 	NOT-FOR-US: IBM
 CVE-2024-56346 (IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote at ...)
@@ -114,9 +114,9 @@ CVE-2024-56346 (IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a rem
 CVE-2024-49822 (IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side re ...)
 	NOT-FOR-US: IBM
 CVE-2024-44314 (TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: TastyIgniter
 CVE-2024-44313 (TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: TastyIgniter
 CVE-2024-41975 (An unauthenticated remote attacker can gain limited information of the ...)
 	TODO: check
 CVE-2024-23943 (An unauthenticated remote attacker can gain access to the cloud API du ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a52703853feb92d8b00b081c0423b2282303943

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a52703853feb92d8b00b081c0423b2282303943
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250318/5f384fd3/attachment.htm>