[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 18 Oct 2025 03:16:46 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ebfedf54 by Salvatore Bonaccorso at 2025-10-15T23:24:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68,7 +68,7 @@ CVE-2025-59269 (A stored cross-site scripting (XSS) 
vulnerability exists in an u
 CVE-2025-59268 (On the BIG-IP system, undisclosed endpoints that contain 
static non-se ...)
        NOT-FOR-US: F5
 CVE-2025-58474 (When BIG-IP Advanced WAF is configured on a virtual server 
with Server ...)
-       TODO: check
+       NOT-FOR-US: N5
 CVE-2025-58424 (On BIG-IP systems, undisclosed traffic can cause data 
corruption and u ...)
        NOT-FOR-US: F5
 CVE-2025-58153 (Under undisclosed traffic conditions along with conditions 
beyond the  ...)
@@ -78,21 +78,21 @@ CVE-2025-58133 (Authentication bypass in some Zoom Rooms 
Clients before version
 CVE-2025-58132 (Command injection in some Zoom Clients for Windows may allow 
an authen ...)
        NOT-FOR-US: Zoom
 CVE-2025-58120 (When HTTP/2 Ingress is configured, undisclosed traffic can 
cause the T ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-58096 (When the database variable tm.tcpudptxchecksumis configured as 
non-def ...)
        NOT-FOR-US: F5
 CVE-2025-58071 (When IPsec is configured on the BIG-IP system, undisclosed 
traffic can ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-57780 (A vulnerability exists in F5OS-A and F5OS-C system that may 
allow an a ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-56749 (Creativeitem Academy LMS up to and including 6.14 uses a 
hardcoded def ...)
-       TODO: check
+       NOT-FOR-US: Creativeitem Academy LMS
 CVE-2025-56748 (Creativeitem Academy LMS up to and including 5.13 uses 
predictable pas ...)
-       TODO: check
+       NOT-FOR-US: Creativeitem Academy LMS
 CVE-2025-56746 (Creativeitem Academy LMS up to and including 5.13 does not 
regenerate  ...)
-       TODO: check
+       NOT-FOR-US: Creativeitem Academy LMS
 CVE-2025-55670 (On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for 
Kubernetes sy ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-55669 (When the BIG-IP Advanced WAF and ASM security policy and a 
server-side ...)
        NOT-FOR-US: F5
 CVE-2025-55083 (In NetX Duo version before 6.4.4, the component of Eclipse 
Foundation  ...)
@@ -108,11 +108,11 @@ CVE-2025-54858 (When a BIG-IP Advanced WAF or BIG-IP ASM 
Security Policy is conf
 CVE-2025-54854 (When a BIG-IP APM OAuth access profile (Resource Server or 
Resource Cl ...)
        NOT-FOR-US: F5
 CVE-2025-54805 (When an iRule is configured on a virtual server via the 
declarative AP ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-54755 (A directory traversal vulnerability exists in TMUI that allows 
an auth ...)
        NOT-FOR-US: F5
 CVE-2025-54479 (When a classification profile is configured on a virtual 
server withou ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-54271 (Creative Cloud Desktop versions 6.7.0.278 and earlier are 
affected by  ...)
        NOT-FOR-US: Adobe
 CVE-2025-53868 (When running in Appliance mode, a highly privileged 
authenticated atta ...)
@@ -126,15 +126,15 @@ CVE-2025-53521 (When a BIG-IP APM Access Policy is 
configured on a virtual serve
 CVE-2025-53474 (When an iRule using an ILX::callcommand is configured on a 
virtual ser ...)
        NOT-FOR-US: F5
 CVE-2025-48008 (When a TCP profile with Multipath TCP (MPTCP) enabled is 
configured on ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-47150 (When SNMP is configured on F5OS Appliance and Chassis systems, 
undiscl ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-47148 (When the BIG-IP system is configured as both a Security 
Assertion Mark ...)
        NOT-FOR-US: F5
 CVE-2025-46706 (When an iRule containing the HTTP::respond command is 
configured on a  ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-41430 (When BIG-IP SSL Orchestrator is enabled, undisclosed traffic 
can cause ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-2529 (Applications using affected versions of Ehcache 3.x can 
experience deg ...)
        NOT-FOR-US: IBM
 CVE-2025-20360 (Multiple Cisco products are affected by a vulnerability in the 
Snort 3 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfedf542963b98356fedd77512343bc3b2f8ac5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebfedf542963b98356fedd77512343bc3b2f8ac5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to