[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed May 21 21:36:52 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c25ae32c by Salvatore Bonaccorso at 2025-05-21T22:36:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2025-5051 (A vulnerability classified as critical has been found in FreeFloat FTP ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5050 (A vulnerability was found in FreeFloat FTP Server 1.0. It has been rat ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5049 (A vulnerability was found in FreeFloat FTP Server 1.0. It has been dec ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5033 (A vulnerability classified as problematic was found in XiaoBingby TeaC ...)
-	TODO: check
+	NOT-FOR-US: XiaoBingby TeaCMS
 CVE-2025-5032 (A vulnerability classified as critical has been found in Campcodes Onl ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-5031 (A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has be ...)
-	TODO: check
+	NOT-FOR-US: Ackites KillWxapkg
 CVE-2025-5030 (A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has be ...)
-	TODO: check
+	NOT-FOR-US: Ackites KillWxapkg
 CVE-2025-5029 (A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud B ...)
-	TODO: check
+	NOT-FOR-US: Kingdee Cloud Galaxy Private Cloud BBC System
 CVE-2025-5020 (Opening maliciously-crafted URLs in Firefox from other apps such as Sa ...)
 	TODO: check
 CVE-2025-4803 (The Glossary by WPPedia \u2013 Best Glossary plugin for WordPress plug ...)
@@ -47,25 +47,25 @@ CVE-2025-48413 (The `/etc/passwd` and `/etc/shadow` files reveal hard-coded pass
 CVE-2025-48207 (The reint_downloadmanager extension through 5.0.0 for TYPO3 allows Ins ...)
 	TODO: check
 CVE-2025-48206 (The ns_backup extension through 13.0.0 for TYPO3 allows XSS.)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48205 (The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insec ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48204 (The ns_backup extension through 13.0.0 for TYPO3 allows command inject ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48203 (The cs_seo extension through 9.2.0 for TYPO3 allows XSS.)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48202 (The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48201 (The ns_backup extension through 13.0.0 for TYPO3 has a Predictable Res ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48200 (The sr_feuser_register extension through 12.4.8 for TYPO3 allows Remot ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension
 CVE-2025-48069 (ejson2env allows users to decrypt EJSON secrets and export them as env ...)
 	TODO: check
 CVE-2025-48064 (GitHub Desktop is an open-source, Electron-based GitHub app designed f ...)
 	TODO: check
 CVE-2025-48063 (XWiki is a generic wiki platform. In XWiki 16.10.0, required rights we ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2025-48060 (jq is a command-line JSON processor. In versions up to and including 1 ...)
 	TODO: check
 CVE-2025-48012 (Authentication Bypass by Capture-replay vulnerability in Drupal One Ti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c25ae32c65ba0055f574ea33f6f32302e4840e5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c25ae32c65ba0055f574ea33f6f32302e4840e5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250521/419f6d75/attachment.htm>
