[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 24 09:44:51 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf6479d5 by Salvatore Bonaccorso at 2025-05-24T10:44:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-5119 (A vulnerability has been found in Emlog Pro 2.5.11 and classified as c ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-5058 (The eMagicOne Store Manager for WooCommerce plugin for WordPress is vu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-5055 (The Smart Forms \u2013 when you need more than just a contact form plu ...)
@@ -13,21 +13,21 @@ CVE-2025-4336 (The eMagicOne Store Manager for WooCommerce plugin for WordPress
 CVE-2025-4223 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-48756 (In group_number in the scsir crate 0.2.0 for Rust, there can be an ove ...)
-	TODO: check
+	NOT-FOR-US: scsir Rust crate
 CVE-2025-48755 (In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for ...)
-	TODO: check
+	NOT-FOR-US: spiral-rs Rust crate
 CVE-2025-48754 (In the memory_pages crate 0.1.0 for Rust, division by zero can occur.)
-	TODO: check
+	NOT-FOR-US: memory_pages Rust crate
 CVE-2025-48753 (In the anode crate 0.1.0 for Rust, data races can occur in unlock in S ...)
-	TODO: check
+	NOT-FOR-US: anode Rust crate
 CVE-2025-48752 (In the process-sync crate 0.2.2 for Rust, the drop function lacks a ch ...)
-	TODO: check
+	NOT-FOR-US: process-sync Rust crate
 CVE-2025-48751 (The process_lock crate 0.1.0 for Rust allows data races in unlock.)
-	TODO: check
+	NOT-FOR-US: process_lock Rust create
 CVE-2025-48739 (A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHi ...)
-	TODO: check
+	NOT-FOR-US: StrangeBee TheHive
 CVE-2025-48738 (An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5. ...)
-	TODO: check
+	NOT-FOR-US: StrangeBee TheHive
 CVE-2025-3869 (The 4stats plugin for WordPress is vulnerable to Cross-Site Request Fo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13427 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf6479d5f4662c8ef43b0a7eddb40cd665e73a93

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf6479d5f4662c8ef43b0a7eddb40cd665e73a93
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250524/832b3076/attachment.htm>

More information about the debian-security-tracker-commits mailing list