[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu, 13 Mar 2025 09:38:58 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
21261b5c by Salvatore Bonaccorso at 2025-03-12T22:48:48+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2025-2240 (A flaw was found in Smallrye, where 
smallrye-fault-tolerance is v
 CVE-2025-2239 (Generation of Error Message Containing Sensitive Information 
vulnerabi ...)
        NOT-FOR-US: Hillstone
 CVE-2025-2002 (CWE-532: Insertion of Sensitive Information into Log Files 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Schneider Electric
 CVE-2025-29904 (In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was 
possible)
        NOT-FOR-US: JetBrains Ktor
 CVE-2025-29903 (In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic 
library ex ...)
@@ -68,9 +68,9 @@ CVE-2025-20138 (A vulnerability in the CLI of Cisco IOS XR 
Software could allow
 CVE-2025-20115 (A vulnerability in confederation implementation for the Border 
Gateway ...)
        NOT-FOR-US: Cisco
 CVE-2025-1984 (Xerox Desktop Print Experience application contains a Local 
Privilege  ...)
-       TODO: check
+       NOT-FOR-US: Xerox
 CVE-2025-1960 (CWE-1188: Initialization of a Resource with an Insecure Default 
vulner ...)
-       TODO: check
+       NOT-FOR-US: Schneider Electric
 CVE-2025-1683 (Improper link resolution before file access in the Nomad module 
of the ...)
        TODO: check
 CVE-2025-1527 (The ShopLentor \u2013 WooCommerce Builder for Elementor & 
Gutenberg +2 ...)
@@ -80,7 +80,7 @@ CVE-2025-0884 (Unquoted Search Path or Element vulnerability 
in OpenText\u2122 S
 CVE-2025-0883 (Improper Neutralization of Script in an Error Message Web Page 
vulnera ...)
        TODO: check
 CVE-2025-0813 (CWE-287: Improper Authentication vulnerability exists that 
could cause ...)
-       TODO: check
+       NOT-FOR-US: Schneider Electric
 CVE-2025-0118 (A vulnerability in the Palo Alto Networks GlobalProtect app on 
Windows ...)
        TODO: check
 CVE-2025-0117 (A reliance on untrusted input for a security decision in the 
GlobalPro ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21261b5cb8a8412812658caddde197a896a90402

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21261b5cb8a8412812658caddde197a896a90402
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to