[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 03 May 2025 05:40:00 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c29bf6a1 by Salvatore Bonaccorso at 2025-05-03T14:39:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2024-58135 [may generate weak HMAC session secrets]
 CVE-2025-4222 (The Database Toolset plugin for WordPress is vulnerable to 
Sensitive I ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-4218 (A vulnerability was found in handrew browserpilot up to 0.2.51. 
It has ...)
-       TODO: check
+       NOT-FOR-US: handrew browserpilot
 CVE-2025-4215 (A vulnerability was found in gorhill uBlock Origin up to 
1.63.3b16. It ...)
        TODO: check
 CVE-2025-4199 (The Abundatrade Plugin plugin for WordPress is vulnerable to 
Cross-Sit ...)
@@ -25,7 +25,7 @@ CVE-2025-47229 (libpspp-core.a in GNU PSPP through 2.0.1 
allows attackers to cau
 CVE-2025-47226 (Grokability Snipe-IT before 8.1.0 has incorrect authorization 
for acce ...)
        TODO: check
 CVE-2025-46723 (OpenVM is a performant and modular zkVM framework built for 
customizat ...)
-       TODO: check
+       NOT-FOR-US: OpenVM
 CVE-2025-3918 (The Job Listings plugin for WordPress is vulnerable to 
Privilege Escal ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-3815 (The SurveyJS plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
@@ -33,7 +33,7 @@ CVE-2025-3815 (The SurveyJS plugin for WordPress is 
vulnerable to Stored Cross-S
 CVE-2025-3779 (The Personizely plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-21572 (OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) 
issue when ...)
-       TODO: check
+       NOT-FOR-US: OpenGrok
 CVE-2025-0782 (A vulnerability in the S3 bucket configuration for h2oai/h2o-3 
allows  ...)
        TODO: check
 CVE-2024-55069 (ffmpeg 7.1 is vulnerable to Null Pointer Dereference in 
function iamf_ ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c29bf6a1a7b7f68b16b169908af56a6dd7f08c4d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c29bf6a1a7b7f68b16b169908af56a6dd7f08c4d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to