Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c74d0644 by Moritz Muehlenhoff at 2025-05-30T11:28:38+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,15 +33,15 @@ CVE-2025-48880 (FreeScout is a free self-hosted help desk
and shared mailbox. Pr
CVE-2025-48875 (FreeScout is a free self-hosted help desk and shared mailbox.
Prior to ...)
NOT-FOR-US: FreeScout
CVE-2025-48865 (Fabio is an HTTP(S) and TCP router for deploying applications
managed ...)
- TODO: check
+ NOT-FOR-US: Fabio
CVE-2025-48757 (An insufficient database Row-Level Security policy in Lovable
through ...)
- TODO: check
+ NOT-FOR-US: Lovable
CVE-2025-48492 (GetSimple CMS is a content management system. In versions
starting fro ...)
NOT-FOR-US: GetSimple CMS
CVE-2025-48491 (Project AI is a platform designed to create AI agents. Prior
to the pr ...)
- TODO: check
+ NOT-FOR-US: Project AI
CVE-2025-48490 (Laravel Rest Api is an API generator. Prior to version 2.13.0,
a valid ...)
- TODO: check
+ NOT-FOR-US: Laravel Rest Api
CVE-2025-48489 (FreeScout is a free self-hosted help desk and shared mailbox.
Prior to ...)
NOT-FOR-US: FreeScout
CVE-2025-48488 (FreeScout is a free self-hosted help desk and shared mailbox.
Prior to ...)
@@ -99,7 +99,7 @@ CVE-2025-41406 (Cross-site scripting vulnerability exists in
wivia 5 all version
CVE-2025-41385 (An OS Command Injection issue exists in wivia 5 all versions.
If this ...)
NOT-FOR-US: wivia
CVE-2025-41235 (Spring Cloud Gateway Server forwards the X-Forwarded-Forand
Forwardedh ...)
- TODO: check
+ NOT-FOR-US: Spring Cloud Gateway Server
CVE-2025-31264 (An authentication issue was addressed with improved state
management. ...)
NOT-FOR-US: Apple
CVE-2025-31263 (The issue was addressed with improved memory handling. This
issue is f ...)
@@ -150,7 +150,7 @@ CVE-2025-4687 (In Teltonika Networks Remote Management
System (RMS), it is possi
CVE-2025-4670 (The Easy Digital Downloads \u2013 eCommerce Payments and
Subscriptions ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4081 (Use of entitlement
"com.apple.security.cs.disable-library-validation" ...)
- TODO: check
+ NOT-FOR-US: DaVinci Resolve
CVE-2025-48748 (Netwrix Directory Manager (formerly Imanami GroupID) through
v.10.0.77 ...)
NOT-FOR-US: Netwrix
CVE-2025-48475 (FreeScout is a free self-hosted help desk and shared mailbox.
Prior to ...)
@@ -217,7 +217,7 @@ CVE-2025-32752 (Dell ThinOS 2502 and prior contain a
Cleartext Storage of Sensit
CVE-2025-2518 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 11.5 ...)
NOT-FOR-US: IBM
CVE-2025-29632 (Buffer Overflow vulnerability in Free5gc v.4.0.0 allows a
remote attac ...)
- TODO: check
+ NOT-FOR-US: Free5gc
CVE-2025-27151 (Redis is an open source, in-memory database that persists on
disk. In ...)
- redis <unfixed> (bug #1106822)
[bullseye] - redis <not-affected> (Vulnerable code not present)
@@ -602,7 +602,7 @@ CVE-2025-48383 (Django-Select2 is a Django integration for
Select2. Prior to ver
NOTE:
https://github.com/codingjoe/django-select2/security/advisories/GHSA-wjrh-hj83-3wh7
NOTE: Fixed by:
https://github.com/codingjoe/django-select2/commit/e5f41e6edba004d35f94915ff5e2559f44853412
(8.4.1)
CVE-2025-48370 (auth-js is an isomorphic Javascript library for Supabase Auth.
Prior t ...)
- TODO: check
+ NOT-FOR-US: Supabase auth-js
CVE-2025-48057 (Icinga 2 is a monitoring system which checks the availability
of netwo ...)
- icinga2 2.14.6-1
NOTE: Fixed by:
https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c74d064405bed64a9cc1e7e41e22f80989002af1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c74d064405bed64a9cc1e7e41e22f80989002af1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
