[Git][security-tracker-team/security-tracker][master] auto-nfu: Add CNA rule for HYPR

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri May 23 10:56:20 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5522db4 by Moritz Muehlenhoff at 2025-05-23T11:55:35+02:00
auto-nfu: Add CNA rule for HYPR

Total CVEs from HYPR: 17
Total CVEs from HYPR with packages assigned: 0

Scope: All HYPR products only.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -414,7 +414,7 @@ CVE-2025-36535 (The embedded web server lacks authentication and access controls
 CVE-2025-2261 (Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data t ...)
 	NOT-FOR-US: TIBCO
 CVE-2025-2102 (Improper Link Resolution Before File Access ('Link Following') vulnera ...)
-	TODO: check
+	NOT-FOR-US: HYPR
 CVE-2025-27998 (An issue in Valvesoftware Steam Client Steam Client 1738026274 allows  ...)
 	TODO: check
 CVE-2025-27997 (An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to esca ...)
@@ -470,7 +470,7 @@ CVE-2025-1416 (In Proget MDM, a low-privileged user can retrieve passwords for m
 CVE-2025-1415 (A low-privileged user is able to obtain information about tasks execut ...)
 	NOT-FOR-US: Proget
 CVE-2025-0372 (Concurrent Execution using Shared Resource with Improper Synchronizati ...)
-	TODO: check
+	NOT-FOR-US: HYPR
 CVE-2024-57529 (Cross Site Scripting vulnerability in Jeppesen JetPlanner Pro v.1.6.2. ...)
 	NOT-FOR-US: Jeppesen JetPlanner Pro
 CVE-2024-56429 (itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -87,6 +87,8 @@
   cna: hpe
 - reason: Huawei
   cna: huawei
+- reason: HYPR
+  cna: HYPR
 - reason: IBM
   cna: ibm
 - reason: Imagination Technologies



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5522db48abb1349b577f78c11bf724a9186e980

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5522db48abb1349b577f78c11bf724a9186e980
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250523/fb1b2dba/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list