[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a2bf677f by Salvatore Bonaccorso at 2025-03-21T21:14:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2025-30168 (Parse Server is an open source backend that can be deployed to a
 CVE-2025-30157 (Envoy is a cloud-native high-performance edge/middle/service proxy. Pr ...)
 	TODO: check
 CVE-2025-2603 (A vulnerability was found in SourceCodester Kortex Lite Advocate Offic ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-2602 (A vulnerability has been found in SourceCodester Kortex Lite Advocate  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-2601 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-2598 (When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (A ...)
 	TODO: check
 CVE-2025-2597 (Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b35 ...)
@@ -23,9 +23,9 @@ CVE-2025-2592 (A vulnerability, which was classified as critical, has been found
 CVE-2025-2591 (A vulnerability classified as problematic was found in Open Asset Impo ...)
 	TODO: check
 CVE-2025-2590 (A vulnerability was found in code-projects Human Resource Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-2589 (A vulnerability was found in code-projects Human Resource Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-2588 (A vulnerability has been found in Hercules Augeas 1.14.1 and classifie ...)
 	TODO: check
 CVE-2025-2587 (A vulnerability, which was classified as critical, was found in Jinher ...)
@@ -73,7 +73,7 @@ CVE-2024-53349 (Insecure permissions in kuadrant v0.11.3 allow attackers to gain
 CVE-2024-53348 (LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control wh ...)
 	TODO: check
 CVE-2023-43029 (IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-30348 (encodeText in QDom in Qt before 6.8.0 has a complex algorithm involvin ...)
 	- qt6-base 6.8.2+dfsg-5
 	[bookworm] - qt6-base <no-dsa> (Minor issue)
@@ -435317,7 +435317,7 @@ CVE-2019-16153 (A hard-coded password vulnerability in the Fortinet FortiSIEM da
 CVE-2019-16152 (A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 ...)
 	NOT-FOR-US: Fortiguard FortiClient
 CVE-2019-16151 (An improper neutralization of input during web page generation vulnera ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2019-16150 (Use of a hard-coded cryptographic key to encrypt security sensitive da ...)
 	NOT-FOR-US: Fortiguard
 CVE-2019-16149



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2bf677f21b6872d869f676f6f97c4a2af2e8fa9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2bf677f21b6872d869f676f6f97c4a2af2e8fa9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250321/e1efdcb1/attachment.htm>