[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 10 Apr 2025 09:54:36 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e7eac468 by Salvatore Bonaccorso at 2025-04-10T11:19:49+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-3489 (A vulnerability was found in Nababur 
Simple-User-Management-System 1.0 ...)
        TODO: check
 CVE-2025-3417 (The Embedder plugin for WordPress is vulnerable to unauthorized 
modifi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3102 (The SureTriggers: All-in-One Automation Platform plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3023
        REJECTED
 CVE-2025-32728 (In sshd in OpenSSH before 10.0, the DisableForwarding 
directive does n ...)
@@ -13,41 +13,41 @@ CVE-2025-32387 (Helm is a package manager for Charts for 
Kubernetes. A JSON Sche
 CVE-2025-32386 (Helm is a tool for managing Charts. A chart archive file can 
be crafte ...)
        TODO: check
 CVE-2025-30660 (An Improper Check for Unusual or Exceptional Conditions 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2025-30659 (An Improper Handling of Length Parameter Inconsistency 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2025-30658 (A Missing Release of Memory after Effective Lifetime 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2025-30657 (An Improper Encoding or Escaping of Output vulnerability in 
the Sampli ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2025-2873
        REJECTED
 CVE-2025-2845
        REJECTED
 CVE-2025-2809 (The azurecurve Shortcodes in Comments plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2805 (The ORDER POST plugin for WordPress is vulnerable to arbitrary 
shortco ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2719 (The Swatchly \u2013 WooCommerce Variation Swatches for Products 
(produ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-29989 (Dell Client Platform BIOS contains a Security Version Number 
Mutable t ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-29018 (A Stored Cross-Site Scripting (XSS) vulnerability exists in 
the name p ...)
        TODO: check
 CVE-2025-27690 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, 
contains a u ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-26480 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, 
contains an  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-26479 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, 
contains an  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-26330 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, 
contains an  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24375 (Charmed MySQL K8s operator is a Charmed Operator for running 
MySQL on  ...)
        TODO: check
 CVE-2025-23378 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, 
contains an  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-22471 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, 
contains an  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-0539 (In affected Microsoft Windows versions of Octopus Deploy, the 
server c ...)
        TODO: check
 CVE-2024-58136 (Yii 2 before 2.0.52 mishandles the attaching of behavior that 
is defin ...)
@@ -55,13 +55,13 @@ CVE-2024-58136 (Yii 2 before 2.0.52 mishandles the 
attaching of behavior that is
 CVE-2024-38865 (Improper neutralization of livestatus command delimiters in a 
specific ...)
        TODO: check
 CVE-2024-13909 (The Accredible Certificates & Open Badges plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13896 (The WP-GeSHi-Highlight \u2014 rock-solid syntax highlighting 
for 259 l ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13874 (The Feedify  WordPress plugin before 2.4.6 does not sanitise 
and escap ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10894 (The Payment Forms for Paystack plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2761 [GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution 
Vulnerability]
        - gimp 3.0.0-1
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-204/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7eac468c69b8848ad31e81f77cee3e877c91b4c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7eac468c69b8848ad31e81f77cee3e877c91b4c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to