Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c893a548 by Salvatore Bonaccorso at 2025-08-11T19:03:10+02:00
Demote severity for ros-ros-comm issues to unimportant

The security impact is disputable. After short discussion with ochen
Sprickerhof (and indirectly Timo Röhling) we agree that the impact is
negligible. More information and followup as well in #1110773

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5874,7 +5874,8 @@ CVE-2025-47189 (Netwrix Directory Manager (formerly 
Imanami GroupID) 11.0.0.0 be
 CVE-2025-46102 (Cross Site Scripting vulnerability in Beakon Software Beakon 
Learning  ...)
        NOT-FOR-US: Beakon Software Beakon Learning Management System
 CVE-2025-3753 (A code execution vulnerability has been identified in the Robot 
Operat ...)
-       - ros-ros-comm <unfixed> (bug #1110773)
+       - ros-ros-comm <unfixed> (bug #1110773; unimportant)
+       NOTE: Negligible security impact
 CVE-2025-3740 (The School Management System for Wordpress plugin for WordPress 
is vul ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-38349 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
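
Review bot: The added NOTE under CVE-2025-3753 records only the conclusion ("Negligible security impact") and not the reason, while the entry's own description starts with "A code execution vulnerability" and the package stays <unfixed>. Someone reading data/CVE/list without the commit message cannot tell why a code execution issue is tagged unimportant. Consider extending the NOTE with a one-line rationale, or with an explicit pointer to the discussion in bug #1110773 that the commit message cites.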
@@ -5909,13 +5910,17 @@ CVE-2025-0886 (An incorrect permissions vulnerability 
was reported in Elliptic L
 CVE-2024-42209 (HCL Connections is vulnerable to an information disclosure 
vulnerabili ...)
        NOT-FOR-US: HCL
 CVE-2024-41921 (A code injection vulnerability has been discovered in the 
Robot Operat ...)
-       - ros-ros-comm <unfixed> (bug #1110773)
+       - ros-ros-comm <unfixed> (bug #1110773; unimportant)
+       NOTE: Negligible security impact
 CVE-2024-41148 (A code injection vulnerability has been discovered in the 
Robot Operat ...)
-       - ros-ros-comm <unfixed> (bug #1110773)
+       - ros-ros-comm <unfixed> (bug #1110773; unimportant)
+       NOTE: Negligible security impact
 CVE-2024-39835 (A code injection vulnerability has been identified in the 
Robot Operat ...)
-       - ros-ros-comm <unfixed> (bug #1110773)
+       - ros-ros-comm <unfixed> (bug #1110773; unimportant)
+       NOTE: Negligible security impact
 CVE-2024-39289 (A code execution vulnerability has been discovered in the 
Robot Operat ...)
-       - ros-ros-comm <unfixed> (bug #1110773)
+       - ros-ros-comm <unfixed> (bug #1110773; unimportant)
+       NOTE: Negligible security impact
 CVE-2024-32323 (SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 
allows a ...)
        NOT-FOR-US: cnhcit.com Haichang OA
 CVE-2024-32124 (An improper access control vulnerability [CWE-284] in 
FortiIsolator ve ...)
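
Review bot: The same generic line, "NOTE: Negligible security impact", is added under CVE-2024-41921, CVE-2024-41148, CVE-2024-39835 and CVE-2024-39289, although the descriptions differ (three read "code injection", one reads "code execution"). If a single argument covers all of them, the NOTE should say so and name it, so that the downgrade can be re-evaluated per CVE later. It would also help to confirm in the commit message that these, together with CVE-2025-3753, are all of the ros-ros-comm entries tied to bug #1110773, since the visible hunks do not show whether any entry was left at its previous severity.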



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c893a54823829fac8fc33d95605a78ae49d8b1aa
