Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9cdd760 by Moritz Muehlenhoff at 2025-03-16T20:49:10+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-30077 (Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28
allows an i ...)
- TODO: check
+ NOT-FOR-US: onos-lib-go
CVE-2025-30076 (Koha before 24.11.02 allows admins to execute arbitrary
commands via s ...)
- TODO: check
+ NOT-FOR-US: Koha
CVE-2025-30074 (Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2
for macO ...)
NOT-FOR-US: Alludo Parallels Desktop
CVE-2025-2335 (A vulnerability classified as problematic was found in Drivin
Solu\xe7 ...)
@@ -45,7 +45,7 @@ CVE-2025-26553 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-26548 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-24856 (An issue was discovered in the oidc (aka OpenID Connect
Authentication ...)
- TODO: check
+ NOT-FOR-US: Typo3 extension
CVE-2025-23744 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-1624 (The GDPR Cookie Compliance WordPress plugin before 4.15.9 does
not sa ...)
@@ -63,7 +63,7 @@ CVE-2025-1619 (The GDPR Cookie Compliance WordPress plugin
before 4.15.7 does n
CVE-2025-0524
REJECTED
CVE-2024-58103 (Square Wire before 5.2.0 does not enforce a recursion limit on
nested ...)
- TODO: check
+ NOT-FOR-US: Square Wire
CVE-2024-13602 (The Poll Maker WordPress plugin before 5.5.4 does not
sanitise and es ...)
NOT-FOR-US: WordPress plugin
CVE-2024-13126 (The Download Manager WordPress plugin before 3.3.07 doesn't
prevent di ...)
@@ -109,7 +109,7 @@ CVE-2025-2164 (The pixelstats plugin for WordPress is
vulnerable to Reflected Cr
CVE-2025-2163 (The Zoorum Comments plugin for WordPress is vulnerable to
Cross-Site R ...)
NOT-FOR-US: WordPress plugin
CVE-2025-2157 (A flaw was found in Foreman/Red Hat Satellite. Improper file
permissio ...)
- TODO: check
+ - foreman <itp> (bug #663101)
CVE-2025-1773 (The Traveler theme for WordPress is vulnerable to Reflected
Cross-Site ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1771 (The Traveler theme for WordPress is vulnerable to Local File
Inclusion ...)
@@ -145,9 +145,9 @@ CVE-2025-2000 (A maliciously crafted QPY file can potential
execute arbitrary-co
CVE-2025-29782 (WeGIA is Web manager for charitable institutions A Stored
Cross-Site S ...)
NOT-FOR-US: WeGIA
CVE-2025-29780 (Post-Quantum Secure Feldman's Verifiable Secret Sharing
provides a Pyt ...)
- TODO: check
+ NOT-FOR-US: PostQuantum-Feldman-VSS
CVE-2025-29779 (Post-Quantum Secure Feldman's Verifiable Secret Sharing
provides a Pyt ...)
- TODO: check
+ NOT-FOR-US: PostQuantum-Feldman-VSS
CVE-2025-29776 (Azle is a WebAssembly runtime for TypeScript and JavaScript on
ICP. Ca ...)
NOT-FOR-US: Azle
CVE-2025-29775 (xml-crypto is an XML digital signature and encryption library
for Node ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9cdd76093c6aa31f29392be2e53fecc3b65ca8d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9cdd76093c6aa31f29392be2e53fecc3b65ca8d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
