[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Fri, 26 Dec 2025 12:14:16 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
84eab6df by security tracker role at 2025-12-26T20:13:58+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,29 +15,29 @@ CVE-2025-66737 (Yealink T21P_E2 Phone 52.84.0.15 is 
vulnerable to Directory Trav
 CVE-2025-65885 (An issue was discovered in the Delight Custom Firmware (CFW) 
for Nokia ...)
        TODO: check
 CVE-2025-64645 (IBM Concert 1.0.0 through 2.1.0 could allow a local user to 
escalate t ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-57403 (Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When 
a DNS qu ...)
        TODO: check
 CVE-2025-36230 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to 
HTML injec ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-36229 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow 
authenticated u ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-36228 (IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow 
inconsistent perm ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-36192 (IBM DS8A00( R10.1) 10.10.106.0 and IBM DS8A00 ( R10.0) 
10.1.3.010.2.45 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-25341 (A vulnerability exists in the libxmljs 1.0.11 when parsing a 
specially ...)
        TODO: check
 CVE-2025-1721 (IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker 
to obtai ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-14687 (IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an 
authent ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-13915 (IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could 
allow a ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-13158 (Prototype pollution vulnerability in apidoc-core versions 
0.2.0 and al ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2025-12771 (IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based 
buffer  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-44065 (Time-based blind SQL Injection vulnerability in Cloudlog 
v2.6.15 at th ...)
        TODO: check
 CVE-2024-42718 (A path traversal vulnerability in Croogo CMS 4.0.7 allows 
remote attac ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84eab6dfca1da40bc3904a2b15c1ac906d149c26

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84eab6dfca1da40bc3904a2b15c1ac906d149c26
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to