[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae9a7f7d by Salvatore Bonaccorso at 2025-03-26T10:05:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,15 +7,15 @@ CVE-2025-30222 (Shescape is a simple shell escape library for JavaScript. Versio
 CVE-2025-30219 (RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3  ...)
 	TODO: check
 CVE-2025-2576 (The Ayyash Studio \u2014 The kick-start kit plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2573 (The Amazing service box Addons For WPBakery Page Builder (formerly Vis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2302 (The Advanced Woo Search plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2276 (The Ultimate Dashboard \u2013 Custom WordPress Dashboard plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2165 (The SH Email Alert plugin for WordPress is vulnerable to Reflected Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-29789 (OpenEMR is a free and open source electronic health records and medica ...)
 	TODO: check
 CVE-2025-25374 (In NASA cFS (Core Flight System) Aquila, it is possible to put the onb ...)
@@ -27,9 +27,9 @@ CVE-2025-25372 (NASA cFS (Core Flight System) Aquila is vulnerable to segmentati
 CVE-2025-25371 (NASA cFS (Core Flight System) Aquila is vulnerable to path traversal i ...)
 	TODO: check
 CVE-2025-1784 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1490 (The Smart Maintenance Mode plugin for WordPress is vulnerable to Refle ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-55030 (A command injection vulnerability in the Command Dispatcher Service of ...)
 	TODO: check
 CVE-2024-55029 (NASA Fprime v3.4.3 was discovered to contain multiple cross-site scrip ...)
@@ -37,15 +37,15 @@ CVE-2024-55029 (NASA Fprime v3.4.3 was discovered to contain multiple cross-site
 CVE-2024-55028 (A template injection vulnerability in the Dashboard of NASA Fprime v3. ...)
 	TODO: check
 CVE-2024-30155 (HCL SX does not set the secure attribute on authorization tokens or se ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-13146 (The Booknetic WordPress plugin before 4.1.5 does not have CSRF check w ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12683 (The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sani ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11847 (The wp-svg-upload WordPress plugin through 1.0.0 does not sanitize SVG ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52972 (Huawei PCs have a vulnerability that allows low-privilege users to byp ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-2783
 	- chromium <not-affected> (Only affects Chromium on Windows)
 CVE-2025-30567 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae9a7f7dd494a6ed1f07ebbc1309d264037c5f99

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae9a7f7dd494a6ed1f07ebbc1309d264037c5f99
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250326/fb4626c9/attachment.htm>