[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for TIBCO

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu May 22 16:40:21 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e42341c1 by Moritz Muehlenhoff at 2025-05-22T17:39:06+02:00
auto-nfu: Add rule for TIBCO

Total CVEs from tibco: 176
Total CVEs from tibco with packages assigned: 9

jasperreports used to be in the archive, but was removed six years ago.

Scope: TIBCO issues only.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -165,13 +165,13 @@ CVE-2025-41232 (Spring Security Aspects may not correctly locate method security
 CVE-2025-3781 (The Raisely Donation Form plugin for WordPress is vulnerable to Stored ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-3751 (The component listed above contains a vulnerability that can be exploi ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2025-3750 (The Network Posts Extended plugin for WordPress is vulnerable to Store ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-36535 (The embedded web server lacks authentication and access controls, allo ...)
 	TODO: check
 CVE-2025-2261 (Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data t ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2025-2102 (Improper Link Resolution Before File Access ('Link Following') vulnera ...)
 	TODO: check
 CVE-2025-27998 (An issue in Valvesoftware Steam Client Steam Client 1738026274 allows  ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -163,6 +163,8 @@
   cna: synology
 - reason: TECNO Mobile
   cna: TECNOMobile
+- reason: TIBCO
+  cna: tibco
 - reason: Unisoc
   cna: Unisoc
 - reason: WatchGuard



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e42341c17cfeddee9c1e5b2484e3e13128a6c164

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e42341c17cfeddee9c1e5b2484e3e13128a6c164
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250522/81387905/attachment.htm>

More information about the debian-security-tracker-commits mailing list