Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a4e8733 by Salvatore Bonaccorso at 2025-10-29T09:26:06+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,31 +13,31 @@ CVE-2025-64159
CVE-2025-64158
REJECTED
CVE-2025-64095 (DNN (formerly DotNetNuke) is an open-source web content
management pla ...)
- TODO: check
+ NOT-FOR-US: DNN (formerly DotNetNuke)
CVE-2025-64094 (DNN (formerly DotNetNuke) is an open-source web content
management pla ...)
- TODO: check
+ NOT-FOR-US: DNN (formerly DotNetNuke)
CVE-2025-62802 (DNN (formerly DotNetNuke) is an open-source web content
management pla ...)
- TODO: check
+ NOT-FOR-US: DNN (formerly DotNetNuke)
CVE-2025-62801 (FastMCP is the standard framework for building MCP
applications. Versi ...)
- TODO: check
+ NOT-FOR-US: FastMCP
CVE-2025-62800 (FastMCP is the standard framework for building MCP
applications. Versi ...)
- TODO: check
+ NOT-FOR-US: FastMCP
CVE-2025-62798 (Sharp is a content management framework built for Laravel as a
package ...)
- TODO: check
+ NOT-FOR-US: Sharp
CVE-2025-62796 (PrivateBin is an online pastebin where the server has zero
knowledge o ...)
- TODO: check
+ NOT-FOR-US: PrivateBin
CVE-2025-62794 (GitHub Workflow Updater is a VS Code extension that
automatically pins ...)
- TODO: check
+ NOT-FOR-US: GitHub Workflow Updater VS Code extension
CVE-2025-62776 (The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an
issue wit ...)
- TODO: check
+ NOT-FOR-US: installer of WTW EAGLE (for Windows)
CVE-2025-62368 (Taiga is an open source project management platform. In
versions 6.8.3 ...)
- TODO: check
+ NOT-FOR-US: Taiga
CVE-2025-61598 (Discourse is an open source discussion platform. Version
before 3.6.2 ...)
NOT-FOR-US: Discourse
CVE-2025-57931 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro
Popup box a ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-4665 (WordPress plugin Contact Form CFDB7 versions up to and
including 1.3.2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-49042 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-43017 (HP ThinPro 8.1 System management application failed to verify
user's t ...)
@@ -109,9 +109,9 @@ CVE-2025-54605 (Bitcoin Core through 29.0 allows
Uncontrolled Resource Consumpti
CVE-2025-54604 (Bitcoin Core through 29.0 allows Uncontrolled Resource
Consumption (is ...)
- bitcoin <removed>
CVE-2025-53855 (An out-of-bounds write vulnerability exists in the XML parser
function ...)
- TODO: check
+ NOT-FOR-US: GCC Productions Inc. Fade In
CVE-2025-53814 (A use-after-free vulnerability exists in the XML parser
functionality ...)
- TODO: check
+ NOT-FOR-US: GCC Productions Inc. Fade In
CVE-2025-41090 (microCLAUDIA in v3.2.0 and prior has an improper access
control vulner ...)
NOT-FOR-US: microCLAUDIA
CVE-2025-40843 (CodeChecker is an analyzer tooling, defect database and viewer
extensi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a4e8733a52c4fa0e1ba2b7912ce57f7fd148336
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a4e8733a52c4fa0e1ba2b7912ce57f7fd148336
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
