Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59f27a68 by Salvatore Bonaccorso at 2025-12-09T21:09:02+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60,7 +60,7 @@ CVE-2025-14321
CVE-2025-67504 (WBCE CMS is a content management system. Versions 1.6.4 and
below use ...)
NOT-FOR-US: WBCE CMS
CVE-2025-67487 (Static Web Server (SWS) is a production-ready web server
suitable for ...)
- TODO: check
+ NOT-FOR-US: Static Web Server (SWS)
CVE-2025-66649
REJECTED
CVE-2025-66631 (CSLA .NET is a framework designed for the development of
reusable, obj ...)
@@ -76,7 +76,7 @@ CVE-2025-66568 (The ruby-saml library implements the client
side of an SAML auth
CVE-2025-66567 (The ruby-saml library is for implementing the client side of a
SAML au ...)
TODO: check
CVE-2025-66565 (Fiber Utils is a collection of common functions created for
Fiber. In ...)
- TODO: check
+ NOT-FOR-US: Fiber Utils (gofiber)
CVE-2025-66508 (1Panel is an open-source, web-based control panel for Linux
server man ...)
NOT-FOR-US: 1Panel
CVE-2025-66507 (1Panel is an open-source, web-based control panel for Linux
server man ...)
@@ -92,17 +92,17 @@ CVE-2025-66470 (NiceGUI is a Python-based UI framework.
Versions 3.3.1 and below
CVE-2025-66469 (NiceGUI is a Python-based UI framework. Versions 3.3.1 and
below are v ...)
NOT-FOR-US: NiceGUI
CVE-2025-66204 (WBCE CMS is a content management system. Version 1.6.4
contains a brut ...)
- TODO: check
+ NOT-FOR-US: WBCE CMS
CVE-2025-66202 (Astro is a web framework. Versions 5.15.7 and below have a
double URL ...)
- TODO: check
+ NOT-FOR-US: Astro
CVE-2025-65964 (n8n is an open source workflow automation platform. Versions
0.123.1 t ...)
- TODO: check
+ NOT-FOR-US: n8n
CVE-2025-65962 (Tuleap is a free and open source suite for management of
software deve ...)
NOT-FOR-US: Tuleap
CVE-2025-65229 (A stored cross-site scripting (XSS) vulnerability exists in
the web in ...)
- TODO: check
+ NOT-FOR-US: Lyrion Music Server
CVE-2025-65228 (A stored cross-site scripting vulnerability exists in the web
manageme ...)
- TODO: check
+ NOT-FOR-US: R.V.R. Elettronica TLK302T telemetry controller
CVE-2025-64760 (Tuleap is a free and open source suite for management of
software deve ...)
NOT-FOR-US: Tuleap
CVE-2025-64650 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18
could d ...)
@@ -148,11 +148,11 @@ CVE-2025-36015 (IBM Controller 11.1.0 through 11.1.1 and
IBM Cognos Controller 1
CVE-2025-33111 (IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller
11.0.0 ...)
NOT-FOR-US: IBM
CVE-2025-14311 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: JMRI
CVE-2025-14310 (Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow') ...)
- TODO: check
+ NOT-FOR-US: rethinkdb
CVE-2025-14309 (NULL Pointer Dereference vulnerability in ravynsoft
ravynos.This issue ...)
- TODO: check
+ NOT-FOR-US: ravynos
CVE-2025-14308 (An integer overflow vulnerability exists in the write method
of the Bu ...)
TODO: check
CVE-2025-14307 (An insecure temporary file creation vulnerability exists in
the AutoEx ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59f27a68f905ba7382b03897f92965c7acf8a3cd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59f27a68f905ba7382b03897f92965c7acf8a3cd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
