[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 27 Apr 2025 09:09:36 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d4f70bd2 by Salvatore Bonaccorso at 2025-04-27T17:49:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2025-46673 (NASA CryptoLib before 1.3.2 does not check 
whether the SA is in
 CVE-2025-46672 (NASA CryptoLib before 1.3.2 does not check the OTAR crypto 
function re ...)
        NOT-FOR-US: NASA CryptoLib
 CVE-2025-46656 (python-markdownify (aka markdownify) before 0.14.1 allows 
large headli ...)
-       TODO: check
+       NOT-FOR-US: python-markdownify (aka markdownify)
 CVE-2025-46655 (CodiMD through 2.5.4 has a CSP-based protection mechanism 
against XSS  ...)
-       TODO: check
+       NOT-FOR-US: CodiMD
 CVE-2025-46654 (CodiMD through 2.2.0 has a CSP-based protection mechanism 
against XSS  ...)
-       TODO: check
+       NOT-FOR-US: CodiMD
 CVE-2025-46653 (Formidable (aka node-formidable) 2.1.0 through 3.x before 
3.5.3 relies ...)
        TODO: check
 CVE-2025-46580 (There is a code-related vulnerability in the GoldenDB database 
product ...)
@@ -41,17 +41,17 @@ CVE-2025-3959 (A vulnerability was found in withstars 
Books-Management-System 1.
 CVE-2025-3958 (A vulnerability was found in withstars Books-Management-System 
1.0. It ...)
        NOT-FOR-US: withstars Books-Management-System
 CVE-2025-3957 (A vulnerability was found in opplus springboot-admin 1.0 and 
classifie ...)
-       TODO: check
+       NOT-FOR-US: opplus springboot-admin
 CVE-2025-3956 (A vulnerability has been found in 201206030 novel-cloud 1.4.0 
and clas ...)
-       TODO: check
+       NOT-FOR-US: novel-cloud
 CVE-2025-3955 (A vulnerability, which was classified as critical, was found in 
codepr ...)
        NOT-FOR-US: code-projects
 CVE-2025-3954 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: ChurchCRM
 CVE-2024-52888 (For an authenticated end-user the portal may run a script 
while attemp ...)
-       TODO: check
+       NOT-FOR-US: Checkpoint
 CVE-2024-52887 (Authenticated end-user may set a specially crafted SNX 
bookmark that c ...)
-       TODO: check
+       NOT-FOR-US: Checkpoint
 CVE-2025-46652 (In IZArc through 4.5, there is a Mark-of-the-Web Bypass 
Vulnerability. ...)
        NOT-FOR-US: IZArc
 CVE-2025-46646 (In Artifex Ghostscript before 10.05.0, decode_utf8 in 
base/gp_utf8.c m ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f70bd2c3d88d8027b5919c75dbef5b1fe777ef

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4f70bd2c3d88d8027b5919c75dbef5b1fe777ef
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to