[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
25676fc2 by Moritz Muehlenhoff at 2025-03-23T22:49:14+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,7 @@
 CVE-2025-30474 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	- commons-vfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2025/03/23/2
+	NOTE: https://issues.apache.org/jira/browse/VFS-169
 CVE-2025-2691 (Versions of the package nossrf before 1.0.4 are vulnerable to Server-S ...)
 	TODO: check
 CVE-2025-2662 (A vulnerability was found in Project Worlds Online Time Table Generato ...)
@@ -43,7 +45,8 @@ CVE-2025-29806 (No cwe for this issue in Microsoft Edge (Chromium-based) allows
 CVE-2025-29795 (Improper link resolution before file access ('link following') in Micr ...)
 	TODO: check
 CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS before 2.1 ...)
-	TODO: check
+	- commons-vfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2025/03/23/1
 CVE-2025-2644 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-2643 (A vulnerability has been found in PHPGurukul Art Gallery Management Sy ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25676fc2b953c8640606992236f0666eec79e15b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25676fc2b953c8640606992236f0666eec79e15b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250323/9a4e0c14/attachment.htm>