[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Thu, 27 Mar 2025 07:02:08 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3f5714fc by Moritz Muehlenhoff at 2025-03-23T22:52:42+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,9 +41,9 @@ CVE-2025-2646 (A vulnerability was found in PHPGurukul Art 
Gallery Management Sy
 CVE-2025-2645 (A vulnerability was found in PHPGurukul Art Gallery Management 
System  ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-29806 (No cwe for this issue in Microsoft Edge (Chromium-based) 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-29795 (Improper link resolution before file access ('link following') 
in Micr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS 
before 2.1 ...)
        - commons-vfs <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2025/03/23/1
@@ -225,7 +225,7 @@ CVE-2025-27933 (Mattermost versions 10.4.x <= 10.4.2, 
10.3.x <= 10.3.3, 9.11.x <
 CVE-2025-27715 (Mattermost versions 9.11.x <= 9.11.8 fail to prompt for 
explicit appro ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2025-27612 (libcontainer is a library for container control. Prior to 
libcontainer ...)
-       TODO: check
+       NOT-FOR-US: libcontainer
 CVE-2025-25274 (Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x 
<= 9.11 ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2025-25068 (Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x 
<= 9.11 ...)
@@ -243,9 +243,9 @@ CVE-2024-57490 (Guangzhou Hongfan Technology Co., LTD. 
iOffice20 has any user lo
 CVE-2024-53351 (Insecure permissions in pipecd v0.49 allow attackers to gain 
access to ...)
        NOT-FOR-US: pipecd
 CVE-2024-53350 (Insecure permissions in kubeslice v1.3.1 allow attackers to 
gain acces ...)
-       TODO: check
+       NOT-FOR-US: KubeSlice
 CVE-2024-53349 (Insecure permissions in kuadrant v0.11.3 allow attackers to 
gain acces ...)
-       TODO: check
+       NOT-FOR-US: kuadrant
 CVE-2024-53348 (LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access 
Control wh ...)
        NOT-FOR-US: LoxiLB
 CVE-2023-43029 (IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 
could allow  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5714fc3ddfdfdb747399779075fa93bceab3a6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f5714fc3ddfdfdb747399779075fa93bceab3a6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to