[Git][security-tracker-team/security-tracker][master] 2 commits: Process two Nvidia CVEs as NFU

Tue, 04 Nov 2025 12:52:16 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cde80b0b by Salvatore Bonaccorso at 2025-11-04T21:51:38+01:00
Process two Nvidia CVEs as NFU

- - - - -
cf962013 by Salvatore Bonaccorso at 2025-11-04T21:51:38+01:00
Add two NVIDIA products to cover via the auto-nfu ruleset

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -80,9 +80,9 @@ CVE-2025-41112 (A lack of authorisation vulnerability has 
been detected in Canal
 CVE-2025-41111 (A lack of authorisation vulnerability has been detected in 
CanalDenunc ...)
        NOT-FOR-US: CanalDenuncia.app
 CVE-2025-33176 (NVIDIA RunAI for all platforms contains a vulnerability where 
a user c ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23358 (NVIDIA NVApp for Windows contains a vulnerability in the 
installer, wh ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-12695 (The overly permissive sandbox configuration in DSPy allows 
attackers t ...)
        NOT-FOR-US: DSPy
 CVE-2025-12682 (The Easy Upload Files During Checkout plugin for WordPress is 
vulnerab ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -401,6 +401,7 @@
       - product: Isaac Lab
       - product: Megatron LM
       - product: Megatron-LM
+      - product: NVApp
       - product: NVDebug tool
       - product: NVIDIA Apex
       - product: NVIDIA App
@@ -411,6 +412,7 @@
       - product: NVIDIA WebDataset
       - product: NeMo Framework
       - product: Nsight Graphics
+      - product: RunAI
       - product: Triton Inference Server
 - reason: Oracle
   allOf:



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ee0966e14fb78d2bc043cd940dd16f42da6f290...cf962013db2a05eb520bbe496491260518e8bca6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ee0966e14fb78d2bc043cd940dd16f42da6f290...cf962013db2a05eb520bbe496491260518e8bca6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to