[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 05 Apr 2025 10:16:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7008e862 by Salvatore Bonaccorso at 2025-03-19T09:58:43+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2025-1232 (The Site Reviews WordPress plugin before 
7.2.5 does not properly
 CVE-2024-57151 (SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and 
before allo ...)
        NOT-FOR-US: rainrocka xinhu
 CVE-2024-50631 (Improper neutralization of special elements used in an SQL 
command ('S ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-50630 (Missing authentication for critical function vulnerability in 
the weba ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-50629 (Improper encoding or escaping of output vulnerability in the 
webapi co ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-13412 (The CozyStay theme for WordPress is vulnerable to unauthorized 
modific ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-13410 (The CozyStay and TinySalt plugins for WordPress are vulnerable 
to PHP  ...)
@@ -29,15 +29,15 @@ CVE-2024-12563 (The s2Member Pro plugin for WordPress is 
vulnerable to Local Fil
 CVE-2024-12295 (The BoomBox Theme Extensions plugin for WordPress is 
vulnerable to pri ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-11131 (A vulnerability regarding out-of-bounds read is found in the 
video int ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-10445 (Improper certificate validation vulnerability in the update 
functional ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-10444 (Improper certificate validation vulnerability in the LDAP 
utilities in ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-10442 (Off-by-one error vulnerability in the transmission component 
in Synolo ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-10441 (Improper encoding or escaping of output vulnerability in the 
system pl ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2025-29918 [detect: infinite loop with negated pcre and indefinite 
recursion limit setting]
        - suricata 1:7.0.9-1
        NOTE: Fixed by: 
https://github.com/OISF/suricata/commit/b14c67cbdf25fa6c7ffe0d04ddf3ebe67b12b50b
 (master)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7008e862cb5ede488b8b60b54fff90bb7ea41489

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7008e862cb5ede488b8b60b54fff90bb7ea41489
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to