Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c734cedc by Moritz Muehlenhoff at 2025-05-09T10:06:57+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -666,7 +666,7 @@ CVE-2025-46827 (Graylog is a free and open log management
platform. Prior to ver
CVE-2025-46824 (The Discourse Code Review Plugin allows users to review GitHub
commits ...)
NOT-FOR-US: Discourse Code Review Plugin
CVE-2025-46551 (JRuby-OpenSSL is an add-on gem for JRuby that emulates the
Ruby OpenSS ...)
- TODO: check
+ NOT-FOR-US: JRuby-OpenSSL
CVE-2025-45514 (Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the
functio ...)
NOT-FOR-US: Tenda
CVE-2025-45388 (Wagtail CMS 6.4.1 is vulnerable to a Stored Cross-Site
Scripting (XSS) ...)
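Review bot: The CVE-2025-46551 entry goes from "TODO: check" straight to "NOT-FOR-US: JRuby-OpenSSL" with nothing recording how that conclusion was reached. The description says this is an add-on gem for JRuby, so the code could still be present in the archive as an embedded copy inside another source package. Suggest confirming that no source package bundles the gem. If one does, the entry should name that package instead of carrying NOT-FOR-US.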
@@ -870,9 +870,9 @@ CVE-2025-47419 (Cleartext Transmission of Sensitive
Information vulnerability in
CVE-2025-47418 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
NOT-FOR-US: Crestron
CVE-2025-46573 (passport-wsfed-saml2 provides passport strategy for both
WS-fed and SA ...)
- TODO: check
+ NOT-FOR-US: Node passport-wsfed-saml2
CVE-2025-46572 (passport-wsfed-saml2 provides passport strategy for both
WS-fed and SA ...)
- TODO: check
+ NOT-FOR-US: Node passport-wsfed-saml2
CVE-2025-44899 (There is a stack overflow vulnerability in Tenda RX3
V1.0br_V16.03.13. ...)
NOT-FOR-US: Tenda
CVE-2025-44073 (SeaCMS v13.3 was discovered to contain a SQL injection
vulnerability v ...)
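Review bot: The tag added for CVE-2025-46573 and CVE-2025-46572 is written "Node passport-wsfed-saml2" with an ecosystem qualifier, while the other library entries changed in this commit use the bare name ("JRuby-OpenSSL", "phpgt/Dom", "goshs"). Suggest using one form throughout the commit, either qualifying every ecosystem library or dropping "Node" here, so that NOT-FOR-US tags read the same way across data/CVE/list.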
@@ -1015,9 +1015,9 @@ CVE-2025-47256 (Libxmp through 4.6.2 has a stack-based
buffer overflow in depack
NOTE: https://github.com/libxmp/libxmp/pull/848
NOTE: Fixed by:
https://github.com/libxmp/libxmp/commit/004a102c5a75ad809fc309ff73ce8d0f9ab3e456
CVE-2025-46820 (phpgt/Dom provides access to modern DOM APIs. Versions of
phpgt/Dom pr ...)
- TODO: check
+ NOT-FOR-US: phpgt/Dom
CVE-2025-46816 (goshs is a SimpleHTTPServer written in Go. Starting in version
0.3.4 a ...)
- TODO: check
+ NOT-FOR-US: goshs
CVE-2025-46815 (The identity infrastructure software ZITADEL offers developers
the abi ...)
NOT-FOR-US: Zitadel
CVE-2025-46814 (FastAPI Guard is a security library for FastAPI that provides
middlewa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c734cedca2eca6770c1d2c1cb7ec44804315548c
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits