[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 10 Jun 2025 04:02:04 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a326392d by Moritz Muehlenhoff at 2025-06-10T12:52:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,9 +41,9 @@ CVE-2025-5899 (A vulnerability classified as critical was 
found in GNU PSPP 82fb
 CVE-2025-5898 (A vulnerability classified as critical has been found in GNU 
PSPP 82fb ...)
        TODO: check
 CVE-2025-5897 (A vulnerability was found in vuejs vue-cli up to 5.0.8. It has 
been ra ...)
-       TODO: check
+       NOT-FOR-US: vue-cli
 CVE-2025-5896 (A vulnerability was found in tarojs taro up to 4.1.1. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: Taro
 CVE-2025-4954 (The Axle Demo Importer WordPress plugin through 1.0.3 does not 
validat ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-4840 (The inprosysmedia-likes-dislikes-post WordPress plugin through 
1.0.0 d ...)
@@ -63,7 +63,7 @@ CVE-2025-49138 (HAX CMS PHP allows users to manage their 
microsite universe with
 CVE-2025-49137 (HAX CMS PHP allows users to manage their microsite universe 
with a PHP ...)
        NOT-FOR-US: HAX CMS PHP
 CVE-2025-49004 (Caido is a web security auditing toolkit. Prior to version 
0.48.0, due ...)
-       TODO: check
+       NOT-FOR-US: Caido
 CVE-2025-42998 (The security settings in the SAP Business One Integration 
Framework ar ...)
        NOT-FOR-US: SAP
 CVE-2025-42996 (SAP MDM Server allows an attacker to gain control of existing 
client s ...)
@@ -97,29 +97,29 @@ CVE-2025-3076 (The Elementor Website Builder Pro plugin for 
WordPress is vulnera
 CVE-2025-31325 (Due to a Cross-Site Scripting vulnerability in SAP NetWeaver 
(ABAP Key ...)
        NOT-FOR-US: SAP
 CVE-2025-30515 (CyberData011209 Intercom   could allow an authenticated 
attacker to up ...)
-       TODO: check
+       NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30507 (CyberData011209 Intercom could allow an unauthenticated user 
to gather ...)
-       TODO: check
+       NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30184 (CyberData011209 Intercom could allow an unauthenticated user 
access to ...)
-       TODO: check
+       NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-30183 (CyberData011209 Intercom  does not properly store or protect 
web serve ...)
-       TODO: check
+       NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-27819 (In CVE-2023-25194, we announced the RCE/Denial of service 
attack via S ...)
-       TODO: check
+       - kafka <itp> (bug #786460)
 CVE-2025-27818 (A possible security vulnerability has been identified in 
Apache Kafka. ...)
-       TODO: check
+       - kafka <itp> (bug #786460)
 CVE-2025-27817 (A possible arbitrary file read and SSRF vulnerability has been 
identif ...)
        TODO: check
 CVE-2025-26468 (CyberData 011209    Intercom exposes features that could allow 
an unau ...)
-       TODO: check
+       NOT-FOR-US: CyberData011209 Intercom
 CVE-2025-23192 (SAP BusinessObjects Business Intelligence (BI Workspace) 
allows an una ...)
        NOT-FOR-US: SAP
 CVE-2025-1041 (An improper input validation discovered in   Avaya Call 
Management Sys ...)
        TODO: check
 CVE-2025-0037 (In AMD Versal Adaptive SoC devices, the lack of address 
validation whe ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2025-0036 (In AMD Versal Adaptive SoC devices, the incorrect configuration 
of the ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-55595
        REJECTED
 CVE-2025-5918 (A vulnerability has been identified in the libarchive library. 
This fl ...)
@@ -153,9 +153,9 @@ CVE-2025-5890 (A vulnerability classified as problematic 
has been found in actio
 CVE-2025-5889 (A vulnerability was found in juliangruber brace-expansion up to 
1.1.11 ...)
        TODO: check
 CVE-2025-5888 (A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has 
been dec ...)
-       TODO: check
+       NOT-FOR-US: CaidoWebStack-Guns
 CVE-2025-5887 (A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has 
been cla ...)
-       TODO: check
+       NOT-FOR-US: CaidoWebStack-Guns
 CVE-2025-5886 (A vulnerability was found in Emlog up to 2.5.7 and classified 
as probl ...)
        NOT-FOR-US: Emlog
 CVE-2025-5885 (A vulnerability has been found in Konica Minolta bizhub up to 
20250202 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a326392d7c23505b0a79c8d9aac2903622b7c716

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a326392d7c23505b0a79c8d9aac2903622b7c716
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to