[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for RTI

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Sep 24 12:13:39 BST 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b18de517 by Moritz Muehlenhoff at 2025-09-24T13:13:02+02:00
auto-nfu: Add rule for RTI

Total CVEs from RTI: 18
Total CVEs from RTI with packages assigned: 0

Scope: All RTI Connext products, including EOL products. See
https://www.rti.com/products for more information.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -112,11 +112,11 @@ CVE-2025-52905 (Improper Input Validation vulnerability in TOTOLINK X6000R allow
 CVE-2025-51005 (A heap-buffer-overflow vulnerability exists in the tcpliveplay utility ...)
 	TODO: check
 CVE-2025-4993 (Untrusted Pointer Dereference vulnerability in RTI Connext Professiona ...)
-	TODO: check
+	NOT-FOR-US: RTI Connext
 CVE-2025-4760 (An authenticated stored cross-site scripting (XSS) vulnerability exist ...)
 	NOT-FOR-US: WSO2
 CVE-2025-4582 (Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Profes ...)
-	TODO: check
+	NOT-FOR-US: RTI Connext
 CVE-2025-48459 (Deserialization of Untrusted Data vulnerability in Apache IoTDB.  This ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-48392 (A vulnerability in Apache IoTDB.  This issue affects Apache IoTDB: fro ...)
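Review bot: The commit message counts 18 CVEs from RTI, but only three entries change from "TODO: check" to "NOT-FOR-US: RTI Connext" in data/CVE/list: CVE-2025-4993 and CVE-2025-4582 in this hunk, and CVE-2025-1255 in the next one. It would help to say in the commit message whether the remaining 15 were already triaged as NOT-FOR-US, so a reader can confirm that the new rule and the existing manual entries agree on the reason string.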
@@ -132,7 +132,7 @@ CVE-2025-29084 (SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote a
 CVE-2025-29083 (SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacke ...)
 	NOT-FOR-US: CSZ-CMS
 CVE-2025-1255 (Untrusted Pointer Dereference vulnerability in RTI Connext Professiona ...)
-	TODO: check
+	NOT-FOR-US: RTI Connext
 CVE-2025-10857 (A security flaw has been discovered in Campcodes Point of Sale System  ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-10851 (A security flaw has been discovered in Campcodes Gym Management System ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -181,6 +181,8 @@
   cna: qnap
 - reason: Qualcomm
   cna: qualcomm
+- reason: RTI Connext
+  cna: RTI
 - reason: Rockwell Automation
   cna: Rockwell
 - reason: Salesforce
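Review bot: The added "cna: RTI" entry is placed before Rockwell, but the neighbouring entries in this hunk (qnap, qualcomm, Rockwell, Salesforce) read as a case-insensitive alphabetical list, in which "RTI" sorts after "Rockwell". Suggest moving the two added lines below the Rockwell Automation entry to keep the file in order. A second, smaller point: the reason says "RTI Connext" while the rule keys on the whole CNA, so every future CVE assigned by RTI will be marked with it; the scope line in the commit message covers this today, and it is worth rechecking if the CNA's scope changes.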



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b18de517047f7ba1527368e5363d4121c4c0268b
