[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Commvault CNA

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ce262f6 by Moritz Muehlenhoff at 2026-01-08T12:20:57+01:00
auto-nfu: Add Commvault CNA

Total CVEs from Commvault: 5
Total CVEs from Commvault with packages assigned: 0

Scope: Vulnerabilities in Commvault SaaS and software products only.

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -142,7 +142,7 @@ CVE-2025-13151 (Stack-based buffer overflow in libtasn1 version: v4.20.0. The fu
 	- libtasn1-6 <unfixed>
 	NOTE: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121
 CVE-2025-12776 (The Report Builder component of the application stores user input dire ...)
-	TODO: check
+	NOT-FOR-US: Commvault
 CVE-2025-12640 (The Folders \u2013 Unlimited Folders to Organize Media Library Folder, ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-7333 (A weakness has been identified in bluelabsio records-mover up to 1.5.4 ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -69,6 +69,8 @@
   cna: Centreon
 - reason: Citrix
   cna: Citrix
+- reason: Commvault
+  cna: Commvault
 - reason: Crestron
   cna: Crestron
 - reason: CrowdStrike



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce262f6a8ca3c834d70e598190bbc1bedd20aec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce262f6a8ca3c834d70e598190bbc1bedd20aec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260108/b2490bec/attachment-0001.htm>