[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 21 Jan 2025 12:20:48 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
16a1a074 by Salvatore Bonaccorso at 2025-01-21T21:20:11+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,55 +1,55 @@
 CVE-2025-24461 (In JetBrains TeamCity before 2024.12.1 decryption of 
connection secret ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24460 (In JetBrains TeamCity before 2024.12.1 improper access control 
allowed ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24459 (In JetBrains TeamCity before 2024.12.1 reflected XSS was 
possible on t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2025-24458 (In JetBrains YouTrack before 2024.3.55417 account takeover was 
possibl ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2025-24457 (In JetBrains YouTrack before 2024.3.55417 permanent tokens 
could be ex ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2025-24456 (In JetBrains Hub before 2024.3.55417 privilege escalation was 
possible ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Hub
 CVE-2025-24024 (Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 
responds to ma ...)
-       TODO: check
+       NOT-FOR-US: Mjolnir
 CVE-2025-24020 (WeGIA is a Web manager for charitable institutions. An Open 
Redirect v ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-24019 (YesWiki is a wiki system written in PHP. In versions up to and 
includi ...)
-       TODO: check
+       NOT-FOR-US: YesWiki
 CVE-2025-24018 (YesWiki is a wiki system written in PHP. In versions up to and 
includi ...)
-       TODO: check
+       NOT-FOR-US: YesWiki
 CVE-2025-24017 (YesWiki is a wiki system written in PHP. Versions up to and 
including  ...)
-       TODO: check
+       NOT-FOR-US: YesWiki
 CVE-2025-24012 (Umbraco is a free and open source .NET content management 
system. Star ...)
-       TODO: check
+       NOT-FOR-US: Umbraco CMS
 CVE-2025-24011 (Umbraco is a free and open source .NET content management 
system. Star ...)
-       TODO: check
+       NOT-FOR-US: Umbraco CMS
 CVE-2025-24001 (Cross-Site Request Forgery (CSRF) vulnerability in PPO 
Vi\u1ec7t Nam ( ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23998 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23997 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23996 (Cross-Site Request Forgery (CSRF) vulnerability in anyroad.com 
AnyRoad ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23994 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23580 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23551 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23489 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23477 (Missing Authorization vulnerability in Realty Workstation 
Realty Works ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23461 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23454 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-23369 (An improper verification of cryptographic signature 
vulnerability was  ...)
        TODO: check
 CVE-2025-23184 (A potential denial of service vulnerability is present in 
versions of  ...)
-       TODO: check
+       NOT-FOR-US: Apache CXF
 CVE-2025-23086 (On most desktop platforms, Brave Browser versions 
1.70.x-1.73.x includ ...)
        TODO: check
 CVE-2025-22825 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1a074ba96df94fdff8407ab356a3f55c90b33

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16a1a074ba96df94fdff8407ab356a3f55c90b33
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to