[Git][security-tracker-team/security-tracker][master] auto-nfu: Update VMware rule
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Oct 21 23:30:10 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab648d85 by Moritz Muehlenhoff at 2025-10-22T00:29:45+02:00
auto-nfu: Update VMware rule
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -1042,7 +1042,7 @@ CVE-2025-41410 (Mattermost versions 10.10.x <= 10.10.2, 10.5.x <= 10.5.10, 10.11
CVE-2025-41254 (STOMP over WebSocket applications may be vulnerable to a security bypa ...)
TODO: check
CVE-2025-41253 (The following versions of Spring Cloud Gateway Server Webflux may be v ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2025-3930 (Strapi uses JSON Web Tokens (JWT) for authentication. After logout or ...)
NOT-FOR-US: Strapi
CVE-2025-36128 (IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denia ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -475,6 +475,7 @@
- anyOf:
- product: Avi Load Balancer
- product: Spring Boot
+ - product: Spring Cloud Gateway Server Webflux
- product: VMware Cloud Foundation
- product: VMware ESXi
- product: VMware NSX
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab648d853e22b2ad0d275efaca60c1e616b88503
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab648d853e22b2ad0d275efaca60c1e616b88503
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251021/23a26f3d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list