[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
006f9b83 by Salvatore Bonaccorso at 2025-11-20T21:30:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,41 +9,41 @@ CVE-2025-65221 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the
 CVE-2025-65220 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/S ...)
 	NOT-FOR-US: Tenda
 CVE-2025-64428 (Dataease is an open source data visualization analysis tool. Versions  ...)
-	TODO: check
+	NOT-FOR-US: Dataease
 CVE-2025-64185 (Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 an ...)
-	TODO: check
+	NOT-FOR-US: Open OnDemand
 CVE-2025-64027 (Snipe-IT v8.3.4 (build 20218) contains a reflected cross-site scriptin ...)
-	TODO: check
+	- snipe-it <itp> (bug #1005172)
 CVE-2025-63889 (The fetch function in file thinkphp\library\think\Template.php in Thin ...)
-	TODO: check
+	NOT-FOR-US: ThinkPHP
 CVE-2025-63888 (The read function in file thinkphp\library\think\template\driver\File. ...)
-	TODO: check
+	NOT-FOR-US: ThinkPHP
 CVE-2025-63848 (Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2 ...)
 	TODO: check
 CVE-2025-63700 (An issue was discovered in Clerk-js 5.88.0 allowing attackers to bypas ...)
 	TODO: check
 CVE-2025-62731 (SOPlanning is vulnerable to Stored XSS in /feriesendpoint. Malicious a ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62730 (SOPlanning is vulnerable to Privilege Escalation in user management ta ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62729 (SOPlanning is vulnerable to Stored XSS in /statusendpoint. Malicious a ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62724 (Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 an ...)
-	TODO: check
+	NOT-FOR-US: Open OnDemand
 CVE-2025-62709 (ClipBucket v5 is an open source video sharing platform. In ClipBucket  ...)
-	TODO: check
+	NOT-FOR-US: ClipBucket
 CVE-2025-62346 (A Cross-Site Request Forgery (CSRF) vulnerability was identified in HC ...)
 	NOT-FOR-US: HCL
 CVE-2025-62297 (SOPlanning is vulnerable to Stored XSS in /projetsendpoint. Malicious  ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62296 (SOPlanning is vulnerable to Stored XSS in /tachesendpoint. Malicious a ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62295 (SOPlanning is vulnerable to Stored XSS in /groupe_formendpoint. Malici ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62294 (SOPlanning is vulnerable to Predictable Generation of Password Recover ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-62293 (SOPlanning is vulnerable to Broken Access Control in /statusendpoint.  ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2025-60799 (phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ...)
 	TODO: check
 CVE-2025-60798 (phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006f9b8337ac102f5a961e4d10a1cf5333ef73a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006f9b8337ac102f5a961e4d10a1cf5333ef73a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251120/7d2d4d36/attachment-0001.htm>