Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b747d671 by Salvatore Bonaccorso at 2025-12-10T09:21:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-9571 (A remote code execution (RCE) vulnerability exists in Google
Cloud Dat ...)
- TODO: check
+ NOT-FOR-US: Google Cloud Data Fusion
CVE-2025-9056 (Unprotected service in the AudioLink component allows a local
attacker ...)
NOT-FOR-US: TECNO Mobile
CVE-2025-67613
@@ -21,19 +21,19 @@ CVE-2025-67606
CVE-2025-67605
REJECTED
CVE-2025-67507 (Filament is a collection of full-stack components for
accelerated Lara ...)
- TODO: check
+ NOT-FOR-US: Filament
CVE-2025-67506 (PipesHub is a fully extensible workplace AI platform for
enterprise se ...)
- TODO: check
+ NOT-FOR-US: PipesHub
CVE-2025-67503
REJECTED
CVE-2025-67502 (Taguette is an open source qualitative research tool. In
versions 1.5. ...)
- TODO: check
+ NOT-FOR-US: Taguette
CVE-2025-67501 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
NOT-FOR-US: WeGIA
CVE-2025-67500 (Mastodon is a free, open-source social network server based on
Activit ...)
TODO: check
CVE-2025-67499 (The CNI portmap plugin allows containers to emulate opening a
host por ...)
- TODO: check
+ NOT-FOR-US: CNI portmap plugin
CVE-2025-67498
REJECTED
CVE-2025-67497
@@ -41,19 +41,19 @@ CVE-2025-67497
CVE-2025-67496 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
NOT-FOR-US: WeGIA
CVE-2025-67495 (ZITADEL is an open-source identity infrastructure tool.
Versions 4.0.0 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2025-67494 (ZITADEL is an open-source identity infrastructure tool.
Versions 4.7.0 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2025-67489 (@vitejs/plugin-rs provides React Server Components (RSC)
support for V ...)
- TODO: check
+ NOT-FOR-US: React Server Components (RSC) support plugin for Vite
CVE-2025-67488 (SiYuan is self-hosted, open source personal knowledge
management softw ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2025-67485 (mad-proxy is a Python-based HTTP/HTTPS proxy server for
detection and ...)
TODO: check
CVE-2025-66645 (NiceGUI is a Python-based UI framework. Versions 3.3.1 and
below are v ...)
- TODO: check
+ NOT-FOR-US: NiceGUI
CVE-2025-66626 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo
CVE-2025-66625 (Umbraco is an ASP.NET CMS. Due to unsafe handling and deletion
of temp ...)
NOT-FOR-US: Umbraco CMS
CVE-2025-66457 (Elysia is a Typescript framework for request validation, type
inferenc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b747d671475b75e45e8c5def1a253a69d11ecdac
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b747d671475b75e45e8c5def1a253a69d11ecdac
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
