[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 24 Jun 2025 00:07:48 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9afcff8a by Moritz Muehlenhoff at 2025-06-24T09:06:57+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2025-2828
+       NOT-FOR-US: langchain-community
 CVE-2025-6547 (Improper Input Validation vulnerability in pbkdf2 allows 
Signature Spo ...)
        - node-pbkdf2 <unfixed>
        NOTE: 
https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59
@@ -43,7 +45,7 @@ CVE-2025-52936 (Improper Link Resolution Before File Access 
('Link Following') v
        NOTE: https://github.com/yrutschle/sslh/pull/494
        NOTE: Fixed by: 
https://github.com/yrutschle/sslh/commit/0fe9bd5a956a123342ff12352b25bff8025dac69
 (v2.2.2)
 CVE-2025-52935 (Integer Overflow or Wraparound vulnerability in dragonflydb 
dragonfly  ...)
-       TODO: check
+       NOT-FOR-US: dragonflydb
 CVE-2025-52922 (Innoshop through 0.4.1 allows directory traversal via 
FileManager API  ...)
        NOT-FOR-US: Innoshop
 CVE-2025-52921 (In Innoshop through 0.4.1, an authenticated attacker could 
exploit the ...)
@@ -71,7 +73,7 @@ CVE-2025-49574 (Quarkus is a Cloud Native, (Linux) Container 
First framework for
 CVE-2025-49144 (Notepad++ is a free and open-source source code editor. In 
versions 8. ...)
        NOT-FOR-US: Notepad++
 CVE-2025-49126 (Visionatrix is an AI Media processing tool using ComfyUI. In 
versions  ...)
-       TODO: check
+       NOT-FOR-US: Visionatrix
 CVE-2025-48700 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 
and 9.0 a ...)
        NOT-FOR-US: Zimbra
 CVE-2025-48026 (A vulnerability in the WebApl component of Mitel OpenScape 
Xpressions  ...)
@@ -113,7 +115,7 @@ CVE-2023-47030 (An issue in NCR Terminal Handler v.1.5.1 
allows a remote attacke
 CVE-2023-47029 (An issue in NCR Terminal Handler v.1.5.1 allows a remote 
attacker to e ...)
        NOT-FOR-US: NCR Terminal Handler
 CVE-2021-47688 (In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with 
local acces ...)
-       TODO: check
+       NOT-FOR-US: WhiteBeam
 CVE-2025-6503 (A vulnerability was found in code-projects Inventory Management 
System ...)
        NOT-FOR-US: code-projects
 CVE-2025-6502 (A vulnerability has been found in code-projects Inventory 
Management S ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9afcff8a4e458651a1dbbca2de8ba952e3f30aca

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9afcff8a4e458651a1dbbca2de8ba952e3f30aca
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to