[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
057125c1 by Salvatore Bonaccorso at 2025-10-10T11:40:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2025-62292 (In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authent ...)
-	TODO: check
+	NOT-FOR-US: SonarQube
 CVE-2025-62240 (Multiple cross-site scripting (XSS) vulnerabilities with Calendar even ...)
 	NOT-FOR-US: Liferay
 CVE-2025-61928 (Better Auth is an authentication and authorization library for TypeScr ...)
-	TODO: check
+	NOT-FOR-US: Better Auth library
 CVE-2025-61926 (Allstar is a GitHub App to set and enforce security policies. In versi ...)
-	TODO: check
+	NOT-FOR-US: Allstar
 CVE-2025-61871 (NAS Navigator2 Windows version by BUFFALO INC. registers a Windows ser ...)
-	TODO: check
+	NOT-FOR-US: NAS Navigator2 Windows (Buffalo)
 CVE-2025-61783 (Python Social Auth is a social authentication/registration mechanism.  ...)
 	TODO: check
 CVE-2025-61779 (Confidential Containers's Trustee project contains tools and component ...)
-	TODO: check
+	NOT-FOR-US: Confidential Containers
 CVE-2025-61773 (pyLoad is a free and open-source download manager written in Python. I ...)
 	TODO: check
 CVE-2025-61602 (BigBlueButton is an open-source virtual classroom. A denial-of-service ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2025-61601 (BigBlueButton is an open-source virtual classroom. A Denial of Service ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2025-60375 (The authentication mechanism in Perfex CRM before 3.3.1 allows attacke ...)
-	TODO: check
+	NOT-FOR-US: Perfex CRM
 CVE-2025-59286 (Copilot Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59272 (Copilot Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59271 (Redis Enterprise Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59252 (M365 Copilot Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59247 (Azure PlayFab Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59246 (Azure Entra ID Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-59218 (Azure Entra ID Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-55321 (Improper neutralization of input during web page generation ('cross-si ...)
 	NOT-FOR-US: Microsoft
 CVE-2025-43296 (A logic issue was addressed with improved validation. This issue is fi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/057125c16642d1c243d584beec518d871cfc5c7f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/057125c16642d1c243d584beec518d871cfc5c7f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251010/cb7a63f0/attachment.htm>