Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8759f334 by Salvatore Bonaccorso at 2026-07-04T09:19:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -191,37 +191,37 @@ CVE-2026-12252 (In nltk/nltk versions 3.9.3 and earlier,
five Stanford interface
CVE-2025-71380 (The Execute Command node in n8n allows authenticated users to
execute ...)
TODO: check
CVE-2025-71375 (picklescan before 0.0.34 fails to detect the
_operator.methodcaller bu ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71373 (picklescan before 0.0.33 fails to detect operator.methodcaller
functio ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71372 (Picklescan before 0.0.33 fails to detect the
numpy.f2py.crackfortran.g ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71369 (picklescan before 0.0.28 fails to detect malicious pickle
files that u ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71367 (picklescan before 0.0.34 fails to detect _operator.attrgetter
function ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71366 (picklescan before 0.0.28 fails to detect malicious
torch.utils.bottlen ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71364 (picklescan before 0.0.30 fails to detect the
asyncio.unix_events._Unix ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71362 (picklescan before 0.0.33 fails to detect unsafe
deserialization when n ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71360 (picklescan before 0.0.29 fails to detect malicious pickle
files using ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71359 (picklescan before 0.0.29 fails to detect malicious pickle
payloads tha ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71356 (picklescan before 0.0.28 fails to detect malicious
torch.fx.experiment ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71353 (picklescan before 0.0.28 fails to detect malicious pickle
files that e ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71347 (picklescan before 0.0.33 fails to detect malicious pickle
files using ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71345 (picklescan before 0.0.30 fails to detect malicious pickle
files that i ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71343 (picklescan before 0.0.30 fails to detect malicious pickle
files that e ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2025-71342 (picklescan before 0.0.30 fails to detect malicious pickle
files using ...)
- TODO: check
+ NOT-FOR-US: picklescan
CVE-2026-12893 [gstreamer1-libav: gstreamer1-libav: NULL pointer dereference
in gstavdemux.c error handler]
- gst-libav1.0 <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2491322 (not yet
public)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8759f334c241e8cd94dd62c76a13913723b12c36
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8759f334c241e8cd94dd62c76a13913723b12c36
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits