[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Mar 19 08:59:03 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7008e862 by Salvatore Bonaccorso at 2025-03-19T09:58:43+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2025-1232 (The Site Reviews WordPress plugin before 7.2.5 does not properly
 CVE-2024-57151 (SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allo ...)
 	NOT-FOR-US: rainrocka xinhu
 CVE-2024-50631 (Improper neutralization of special elements used in an SQL command ('S ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-50630 (Missing authentication for critical function vulnerability in the weba ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-50629 (Improper encoding or escaping of output vulnerability in the webapi co ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-13412 (The CozyStay theme for WordPress is vulnerable to unauthorized modific ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13410 (The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP  ...)
@@ -29,15 +29,15 @@ CVE-2024-12563 (The s2Member Pro plugin for WordPress is vulnerable to Local Fil
 CVE-2024-12295 (The BoomBox Theme Extensions plugin for WordPress is vulnerable to pri ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-11131 (A vulnerability regarding out-of-bounds read is found in the video int ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-10445 (Improper certificate validation vulnerability in the update functional ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-10444 (Improper certificate validation vulnerability in the LDAP utilities in ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-10442 (Off-by-one error vulnerability in the transmission component in Synolo ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-10441 (Improper encoding or escaping of output vulnerability in the system pl ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2025-29918 [detect: infinite loop with negated pcre and indefinite recursion limit setting]
 	- suricata 1:7.0.9-1
 	NOTE: Fixed by: https://github.com/OISF/suricata/commit/b14c67cbdf25fa6c7ffe0d04ddf3ebe67b12b50b (master)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7008e862cb5ede488b8b60b54fff90bb7ea41489

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7008e862cb5ede488b8b60b54fff90bb7ea41489
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250319/cf294871/attachment-0001.htm>
