[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Ericsson

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri May 23 10:14:13 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08a7ac9b by Moritz Muehlenhoff at 2025-05-23T11:13:28+02:00
auto-nfu: Add Ericsson

Total CVEs from ERIC: 9
Total CVEs from ERIC with packages assigned: 0

Scope: Ericsson issues only.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,11 +42,9 @@ CVE-2025-48061 (wire-webapp is the web application for the open-source messaging
 CVE-2025-47780 (Asterisk is an open-source private branch exchange (PBX). Prior to ver ...)
 	- asterisk <unfixed>
 	NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-c7p6-7mvq-8jq2
-	TODO: check details
 CVE-2025-47779 (Asterisk is an open-source private branch exchange (PBX). Prior to ver ...)
 	- asterisk <unfixed>
 	NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw
-	TODO: check details
 CVE-2025-46716 (Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit  ...)
 	NOT-FOR-US: Sandboxie
 CVE-2025-46715 (Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit  ...)
@@ -184,7 +182,7 @@ CVE-2024-40459 (An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows
 CVE-2024-40458 (An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local  ...)
 	NOT-FOR-US: Ocuco Innovation
 CVE-2024-25010 (Ericsson RAN Compute and Site Controller 6610 contains in certain conf ...)
-	TODO: check
+	NOT-FOR-US: Ericsson
 CVE-2024-13958 (Stored Cross Site Scripting vulnerabilities exist in ASPECT if adminis ...)
 	NOT-FOR-US: ABB group
 CVE-2024-13957 (SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if ad ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -55,6 +55,8 @@
   cna: Dremio
 - reason: Drupal core and addons
   cna: drupal
+- reason: Ericsson
+  cna: ERIC
 - reason: Forcepoint
   cna: forcepoint
 - reason: Forescout



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a7ac9b13817660e5ff26518bbf9c1b4eba39c8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a7ac9b13817660e5ff26518bbf9c1b4eba39c8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250523/1ba77579/attachment.htm>

More information about the debian-security-tracker-commits mailing list