[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Mar 23 21:53:07 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f5714fc by Moritz Muehlenhoff at 2025-03-23T22:52:42+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,9 +41,9 @@ CVE-2025-2646 (A vulnerability was found in PHPGurukul Art Gallery Management Sy
 CVE-2025-2645 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-29806 (No cwe for this issue in Microsoft Edge (Chromium-based) allows an una ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-29795 (Improper link resolution before file access ('link following') in Micr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS before 2.1 ...)
 	- commons-vfs <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2025/03/23/1
@@ -225,7 +225,7 @@ CVE-2025-27933 (Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <
 CVE-2025-27715 (Mattermost versions 9.11.x <= 9.11.8 fail to prompt for explicit appro ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2025-27612 (libcontainer is a library for container control. Prior to libcontainer ...)
-	TODO: check
+	NOT-FOR-US: libcontainer
 CVE-2025-25274 (Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11 ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2025-25068 (Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11 ...)
@@ -243,9 +243,9 @@ CVE-2024-57490 (Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user lo
 CVE-2024-53351 (Insecure permissions in pipecd v0.49 allow attackers to gain access to ...)
 	NOT-FOR-US: pipecd
 CVE-2024-53350 (Insecure permissions in kubeslice v1.3.1 allow attackers to gain acces ...)
-	TODO: check
+	NOT-FOR-US: KubeSlice
 CVE-2024-53349 (Insecure permissions in kuadrant v0.11.3 allow attackers to gain acces ...)
-	TODO: check
+	NOT-FOR-US: kuadrant
 CVE-2024-53348 (LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control wh ...)
 	NOT-FOR-US: LoxiLB
 CVE-2023-43029 (IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5714fc3ddfdfdb747399779075fa93bceab3a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5714fc3ddfdfdb747399779075fa93bceab3a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250323/2ffc2a90/attachment.htm>

More information about the debian-security-tracker-commits mailing list