[Git][security-tracker-team/security-tracker][master] Reassociate two NFUs to itp'ed entry

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 29 08:38:51 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1335a1c7 by Salvatore Bonaccorso at 2025-11-29T09:38:37+01:00
Reassociate two NFUs to itp'ed entry

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60589,7 +60589,7 @@ CVE-2025-47942 (The Open edX Platform is a learning management platform. Prior t
 CVE-2025-45753 (A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an att ...)
 	NOT-FOR-US: Vtiger CRM
 CVE-2025-44040 (An issue in OrangeHRM v.5.7 allows an attacker to escalate privileges  ...)
-	NOT-FOR-US: OrangeHRM
+	- orangehrm <itp> (bug #786622)
 CVE-2025-3887 (GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code E ...)
 	{DSA-5941-1 DLA-4219-1}
 	- gst-plugins-bad1.0 1.26.1-1 (bug #1106285)
@@ -166158,7 +166158,7 @@ CVE-2024-4741 (Issue summary: Calling the OpenSSL API function SSL_free_buffers
 	NOTE: https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac (openssl-3.2)
 	NOTE: https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d (openssl-3.0)
 CVE-2024-36428 (OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.)
-	NOT-FOR-US: OrangeHRM
+	- orangehrm <itp> (bug #786622)
 CVE-2024-36426 (In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session  ...)
 	NOT-FOR-US: TARGIT Decision Suite
 CVE-2024-32944 (Path traversal vulnerability exists in UTAU versions prior to v0.4.19. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1335a1c774f7b2e52eb176c6321adac0fd883ed2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1335a1c774f7b2e52eb176c6321adac0fd883ed2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251129/cdacabbb/attachment.htm>

More information about the debian-security-tracker-commits mailing list