[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 07 Jun 2025 02:17:31 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
05d156ae by Salvatore Bonaccorso at 2025-06-07T11:17:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2025-49128 (Jackson-core contains core low-level 
incremental ("streaming") p
        NOTE: https://github.com/FasterXML/jackson-core/pull/652
        NOTE: 
https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8
 (jackson-core-2.13.0-rc1)
 CVE-2025-49127 (Kafbat UI is a web user interface for managing Apache Kafka 
clusters.  ...)
-       TODO: check
+       NOT-FOR-US: Kafbat UI
 CVE-2025-47601 (Missing Authorization vulnerability in Christiaan Pieterse 
MaxiBlocks  ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-5806 (Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling 
reports in  ...)
@@ -28,7 +28,7 @@ CVE-2025-5793 (A vulnerability, which was classified as 
critical, was found in T
 CVE-2025-5792 (A vulnerability, which was classified as critical, has been 
found in T ...)
        NOT-FOR-US: TOTOLINK
 CVE-2025-5791 (A flaw was found in the user's crate for Rust. This 
vulnerability allo ...)
-       TODO: check
+       NOT-FOR-US: users Rust crate
 CVE-2025-5790 (A vulnerability classified as critical was found in TOTOLINK 
X15 1.0.0 ...)
        NOT-FOR-US: TOTOLINK
 CVE-2025-5789 (A vulnerability classified as critical has been found in 
TOTOLINK X15  ...)
@@ -314,7 +314,7 @@ CVE-2025-41361 (Uncontrolled resource consumption 
vulnerability in IDF v0.10.0-0
 CVE-2025-41360 (Uncontrolled resource consumption vulnerability in IDF 
v0.10.0-0C03-03 ...)
        NOT-FOR-US: IDF and ZLF
 CVE-2025-3485 (Allegra extractFileFromZip Directory Traversal Remote Code 
Execution V ...)
-       TODO: check
+       NOT-FOR-US: Allegra
 CVE-2025-3365 (A missing protection against path traversal allows to access 
any file  ...)
        TODO: check
 CVE-2025-3322 (An improper neutralization of inputs used in expression 
language allow ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d156ae7cb81e2f60cb11aa478c86686686e7d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d156ae7cb81e2f60cb11aa478c86686686e7d3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to