[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b696f84e by Moritz Muehlenhoff at 2025-03-28T09:32:34+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,17 +5,17 @@ CVE-2025-31092 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-31031 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-2894 (The Go1also known as "The World's First Intelligence Bionic Quadruped  ...)
-	TODO: check
+	NOT-FOR-US: Unitree Go1
 CVE-2025-2888 (During a snapshot rollback, the client incorrectly caches the timestam ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-2887 (During a target rollback, the client fails to detect the rollback for  ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-2886 (Missing validation of terminating delegation causes the client to cont ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-2885 (Missing validation of the root metatdata version number could allow an ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-2878 (A vulnerability was found in Kentico CMS up to 13.0.178. It has been d ...)
-	TODO: check
+	NOT-FOR-US: Kentico CMS
 CVE-2025-2804 (The tagDiv Composer plugin for WordPress, used by the Newspaper theme, ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2578 (The Booking for Appointments and Events Calendar – Amelia plugin ...)
@@ -29,9 +29,9 @@ CVE-2025-2294 (The Kubio AI Page Builder plugin for WordPress is vulnerable to L
 CVE-2025-2074 (The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to ge ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2027 (A double free vulnerability has been identified in the ASUS System Ana ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2025-28253 (Cross-Site Scripting (XSS) vulnerability in MainWP MainWP Dashboard v5 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26956 (Missing Authorization vulnerability in Shinetheme Traveler.This issue  ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26898 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -372,7 +372,7 @@ CVE-2025-30093 (HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x
 	- condor <unfixed>
 	NOTE: https://htcondor.org/security/vulnerabilities/HTCONDOR-2025-0001.html
 CVE-2025-2867 (An issue has been discovered in the GitLab Duo with Amazon Q affecting ...)
-	TODO: check
+	NOT-FOR-US: GitLab Duo with Amazon Q
 CVE-2025-2857 (Following the recent Chrome sandbox escape (CVE-2025-2783), various Fi ...)
 	- firefox <not-affected> (Only affects Firefox on Windows)
 	- firefox-esr <not-affected> (Only affects Firefox ESR on Windows)
@@ -466,7 +466,7 @@ CVE-2025-26731 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-26619 (Vega is a visualization grammar, a declarative format for creating, sa ...)
 	NOT-FOR-US: Vega
 CVE-2025-26265 (A segmentation fault in openairinterface5g v2.1.0 allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: openairinterface5g
 CVE-2025-25686 (semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php.)
 	NOT-FOR-US: semcms
 CVE-2025-25100 (Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b696f84e1a8481caee22249d2ed26af3cc2ad73e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b696f84e1a8481caee22249d2ed26af3cc2ad73e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250328/c7878b09/attachment.htm>