Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a7fe7495 by Moritz Muehlenhoff at 2025-07-15T10:01:07+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2025-7625 (A vulnerability, which was classified as
critical, was found in Y
CVE-2025-7618 (A stored Cross-Site Scripting (XSS) vulnerability vulnerability
was fo ...)
NOT-FOR-US: Asustor
CVE-2025-7616 (A vulnerability, which was classified as critical, has been
found in g ...)
- TODO: check
+ NOT-FOR-US: snap7-rs
CVE-2025-7615 (A vulnerability classified as critical was found in TOTOLINK T6
4.1.5c ...)
NOT-FOR-US: TOTOLINK
CVE-2025-7614 (A vulnerability classified as critical has been found in
TOTOLINK T6 4 ...)
@@ -83,7 +83,7 @@ CVE-2025-53689 (Blind XXE Vulnerabilities in
jackrabbit-spi-commons and jackrabb
CVE-2025-53639 (MeterSphere is an open source continuous testing platform.
Prior to ve ...)
NOT-FOR-US: MeterSphere
CVE-2025-53623 (The Job Iteration API is an an extension for ActiveJob that
make jobs ...)
- TODO: check
+ NOT-FOR-US: Shopify extension
CVE-2025-53101 (ImageMagick is free and open-source software used for editing
and mani ...)
- imagemagick <unfixed>
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9
@@ -124,7 +124,7 @@ CVE-2025-51650 (An arbitrary file upload vulnerability in
the component /control
CVE-2025-50756 (Wavlink WN535K3 20191010 was found to contain a command
injection vuln ...)
NOT-FOR-US: Wavlink
CVE-2025-27582 (The Secure Password extension in One Identity Password Manager
before ...)
- TODO: check
+ NOT-FOR-US: One Identity Password Manager
CVE-2025-24391 (A vulnerability in the External Interface of OTRS allows
conclusions t ...)
NOT-FOR-US: OTRS
NOTE: Issue is listed as specific to >= 7.x, so won't affect Znuny
which forked from 6.x
@@ -582,7 +582,7 @@ CVE-2025-3631 (An IBM MQ 9.3 and 9.4 Client connecting to
an MQ Queue Manager ca
CVE-2025-30661 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
NOT-FOR-US: Juniper
CVE-2025-30403 (A heap-buffer-overflow vulnerability is possible in mvfst via
a specia ...)
- TODO: check
+ NOT-FOR-US: mvfst
CVE-2025-30402 (A heap-buffer-overflow vulnerability in the loading of
ExecuTorch meth ...)
NOT-FOR-US: ExecuTorch
CVE-2024-47065 (Meshtastic is an open source mesh networking solution. Prior
to 2.5.1, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7fe749507b054ee9b6f405ca47fcacbc310c80f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7fe749507b054ee9b6f405ca47fcacbc310c80f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
