Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
885abb8f by Salvatore Bonaccorso at 2025-12-02T13:57:07+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,61 +5,61 @@ CVE-2025-66415 (fastify-reply-from is a Fastify plugin to
forward the current HT
CVE-2025-66412 (Angular is a development platform for building mobile and
desktop web ...)
TODO: check
CVE-2025-66410 (Gin-vue-admin is a backstage management system based on vue
and gin. I ...)
- TODO: check
+ NOT-FOR-US: gin-vue-admin
CVE-2025-66405 (Portkey.ai Gateway is a blazing fast AI Gateway with
integrated guardr ...)
- TODO: check
+ NOT-FOR-US: Portkey.ai Gateway
CVE-2025-66403 (FileRise is a self-hosted web-based file manager with
multi-file uploa ...)
- TODO: check
+ NOT-FOR-US: FileRise
CVE-2025-66401 (MCP Watch is a comprehensive security scanner for Model
Context Protoc ...)
- TODO: check
+ NOT-FOR-US: MCP Watch
CVE-2025-66400 (mdast-util-to-hast is an mdast utility to transform to hast.
From 13.0 ...)
- TODO: check
+ NOT-FOR-US: mdast-util-to-hast
CVE-2025-66313 (ChurchCRM is an open-source church management system. In
ChurchCRM 6.2 ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2025-66312 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66311 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66310 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66309 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66308 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66307 (This admin plugin for Grav is an HTML user interface that
provides a c ...)
- TODO: check
+ NOT-FOR-US: Grav plugin
CVE-2025-66306 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27,
there is an ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66305 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a
Denial of ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66304 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27,
users with ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66303 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A
Denial of ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66302 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A
path trav ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66301 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due
to impr ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66300 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A
low privi ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66299 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27,
Grav CMS is ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66298 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27,
having a si ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66297 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a
user with ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66296 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a
privilege ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66295 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27,
when a user ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66294 (Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a
Server-Si ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-66206 (Frappe is a full-stack web application framework. Prior to
15.86.0 and ...)
TODO: check
CVE-2025-66205 (Frappe is a full-stack web application framework. Prior to
15.86.0 and ...)
TODO: check
CVE-2025-65840 (PublicCMS V5.202506.b is vulnerable to Cross Site Request
Forgery (CSR ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2025-65622 (Snipe-IT before 8.3.4 allows stored XSS via the Locations
"Country" fi ...)
TODO: check
CVE-2025-65621 (Snipe-IT before 8.3.4 allows stored XSS, allowing a
low-privileged aut ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/885abb8f312a8ca622cf91ad4fa6554eb96b19b4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/885abb8f312a8ca622cf91ad4fa6554eb96b19b4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
