[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 04 Apr 2025 06:35:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ed06cf79 by Salvatore Bonaccorso at 2025-04-04T15:35:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -106,33 +106,33 @@ CVE-2025-29815 (Use after free in Microsoft Edge 
(Chromium-based) allows an auth
 CVE-2025-29796 (User interface (ui) misrepresentation of critical information 
in Micro ...)
        TODO: check
 CVE-2025-26401 (Weak encoding for password vulnerability exists in HMI ViewJet 
C-more  ...)
-       TODO: check
+       NOT-FOR-US: HMI ViewJet C-more series
 CVE-2025-25061 (Unintended proxy or intermediary ('Confused Deputy') issue 
exists in H ...)
-       TODO: check
+       NOT-FOR-US: HMI ViewJet C-more series and HMI GC-A2 series
 CVE-2025-25001 (Improper neutralization of input during web page generation 
('cross-si ...)
        TODO: check
 CVE-2025-25000 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
        NOT-FOR-US: Microsoft
 CVE-2025-24317 (Allocation of resources without limits or throttling issue 
exists in H ...)
-       TODO: check
+       NOT-FOR-US: HMI ViewJet C-more series and HMI GC-A2 series
 CVE-2025-24310 (Improper restriction of rendered UI layers or frames issue 
exists in H ...)
-       TODO: check
+       NOT-FOR-US: HMI ViewJet C-more series
 CVE-2025-0279 (HCL Traveler generates some error messages that provide 
detailed infor ...)
        NOT-FOR-US: HCL
 CVE-2025-0278 (HCL Traveler is affected by an internal path disclosure in a 
Windows a ...)
        NOT-FOR-US: HCL
 CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 
(unless ...)
-       TODO: check
+       NOT-FOR-US: Snowplow Collector
 CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is 
similar ...)
-       TODO: check
+       NOT-FOR-US: Iglu Server
 CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to 
Google Ta ...)
        TODO: check
 CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is 
similar ...)
-       TODO: check
+       NOT-FOR-US: Iglu Server
 CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It 
involves  ...)
-       TODO: check
+       NOT-FOR-US: Enrich
 CVE-2024-47212 (An issue was discovered in Iglu Server 0.13.0 and below. It 
involves s ...)
-       TODO: check
+       NOT-FOR-US: Iglu Server
 CVE-2024-45199 (insightsoftware Hive JDBC through 2.6.13 has a remote code 
execution v ...)
        TODO: check
 CVE-2024-42208 (HCL Connections is vulnerable to an information disclosure 
vulnerabili ...)
@@ -164,7 +164,7 @@ CVE-2025-3171 (A vulnerability classified as critical was 
found in Project World
 CVE-2025-3170 (A vulnerability classified as critical has been found in 
Project World ...)
        NOT-FOR-US: Project Worlds
 CVE-2025-3169 (A vulnerability was found in Projeqtor up to 12.0.2. It has 
been rated ...)
-       TODO: check
+       NOT-FOR-US: Projeqtor
 CVE-2025-3168 (A vulnerability was found in PHPGurukul Time Table Generator 
System 1. ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-3167 (A vulnerability, which was classified as problematic, has been 
found i ...)
@@ -172,7 +172,7 @@ CVE-2025-3167 (A vulnerability, which was classified as 
problematic, has been fo
 CVE-2025-3166 (A vulnerability classified as critical was found in 
code-projects Prod ...)
        NOT-FOR-US: code-projects
 CVE-2025-3165 (A vulnerability classified as critical has been found in 
thu-pacman ch ...)
-       TODO: check
+       NOT-FOR-US: thu-pacman chitu
 CVE-2025-3164 (A vulnerability was found in Tencent Music Entertainment 
SuperSonic up ...)
        NOT-FOR-US: Tencent Music Entertainment SuperSonic
 CVE-2025-3163 (A vulnerability was found in InternLM LMDeploy up to 0.7.1. It 
has bee ...)
@@ -195,7 +195,7 @@ CVE-2025-3158 (A vulnerability, which was classified as 
critical, has been found
        - assimp <unfixed>
        NOTE: https://github.com/assimp/assimp/issues/6023
 CVE-2025-3157 (A vulnerability was found in Intelbras WRN 150 1.0.15_pt_ITB01. 
It has ...)
-       TODO: check
+       NOT-FOR-US: Intelbras WRN
 CVE-2025-3155 (A flaw was found in Yelp. The Gnome user help application 
allows the h ...)
        - yelp <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2357091



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed06cf7912239cc2565d141d07738a25ad3ef7d8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed06cf7912239cc2565d141d07738a25ad3ef7d8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to