[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 14 21:21:26 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
142cf2b2 by Salvatore Bonaccorso at 2025-05-14T22:21:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
 CVE-2025-4641 (Improper Restriction of XML External Entity Reference vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: bonigarcia webdrivermanager WebDriverManager
 CVE-2025-4640 (Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Over ...)
 	TODO: check
 CVE-2025-4639 (CWE-611 Improper Restriction of XML External Entity Reference in the g ...)
-	TODO: check
+	NOT-FOR-US: Peergos
 CVE-2025-4638 (A vulnerability exists in the inftrees.c component of the zlib library ...)
 	TODO: check
 CVE-2025-4637 (Divide By Zero vulnerability in davisking dlib allows   remote attacke ...)
-	TODO: check
+	NOT-FOR-US: davisking dlib
 CVE-2025-4430 (Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows ...)
-	TODO: check
+	NOT-FOR-US: EZD RP
 CVE-2025-47782 (motionEye is an online interface for the software motion, a video surv ...)
-	TODO: check
+	NOT-FOR-US: motionEye
 CVE-2025-47781 (Rallly is an open-source scheduling and collaboration tool. Versions u ...)
-	TODO: check
+	NOT-FOR-US: Rallly
 CVE-2025-47778 (Sulu is an open-source PHP content management system based on the Symf ...)
-	TODO: check
+	NOT-FOR-US: Sulu
 CVE-2025-47777 (5ire is a cross-platform desktop artificial intelligence assistant and ...)
-	TODO: check
+	NOT-FOR-US: 5ire
 CVE-2025-47775 (Bullfrog is a GithHb Action to block unauthorized outbound traffic in  ...)
-	TODO: check
+	NOT-FOR-US: Bullfrog GithHb Action
 CVE-2025-47710 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
 	NOT-FOR-US: Drupal core and addons
 CVE-2025-47709 (Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for ...)
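Review bot: The new note for CVE-2025-47775 reads "NOT-FOR-US: Bullfrog GithHb Action", carrying over the "GithHb" misspelling from the truncated description on the line above it. Writing "NOT-FOR-US: Bullfrog GitHub Action" would keep the entry findable when someone searches the list for the product name. In the same hunk, the note for CVE-2025-4641 says "bonigarcia webdrivermanager WebDriverManager", which names the project twice; "bonigarcia WebDriverManager" would be enough.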
@@ -41,11 +41,11 @@ CVE-2025-47702 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-47701 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Restrict rou ...)
 	NOT-FOR-US: Drupal core and addons
 CVE-2025-47445 (Relative Path Traversal vulnerability in Themewinter Eventin allows Pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-47436 (Heap-based Buffer Overflow vulnerability in Apache ORC.  A vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Apache ORC
 CVE-2025-47292 (Cap Collectif is an online decision making platform that integrates se ...)
-	TODO: check
+	NOT-FOR-US: Cap Collectif
 CVE-2025-46786 (Improper neutralization of special elements in some Zoom Workplace App ...)
 	NOT-FOR-US: Zoom
 CVE-2025-46785 (Buffer over-read in some Zoom Workplace Apps for Windows may allow an  ...)
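Review bot: The note for CVE-2025-47445 is only "NOT-FOR-US: WordPress plugin", while the other two entries changed in this hunk name the product (Apache ORC, Cap Collectif). The description line identifies the plugin as Themewinter Eventin, so a note such as "NOT-FOR-US: Themewinter Eventin WordPress plugin" would let a later search for the plugin name land on this entry without relying on the truncated description.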



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/142cf2b234897fa29aef65ccad86c1b8b0a2628a
