[Git][security-tracker-team/security-tracker][master] NFUs

Tue, 08 Jul 2025 09:11:00 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b62e59c1 by Moritz Mühlenhoff at 2025-07-08T18:10:25+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -392,7 +392,7 @@ CVE-2025-43933 (fblog through 983bede allows account 
takeover via the password r
 CVE-2025-43932 (JobCenter through 7e7b0b2 allows account takeover via the 
password res ...)
        NOT-FOR-US: JobCenter
 CVE-2025-43931 (flask-boilerplate through a170e7c allows account takeover via 
the pass ...)
-       TODO: check
+       NOT-FOR-US: flask-boilerplate
 CVE-2025-43930 (Hashview 0.8.1 allows account takeover via the password reset 
feature  ...)
        NOT-FOR-US: Hashview
 CVE-2025-3920 (A vulnerability was identified in SUR-FBD CMMS where hard-coded 
creden ...)
@@ -824,15 +824,15 @@ CVE-2025-53568 (Cross-Site Request Forgery (CSRF) 
vulnerability in Tony Zeoli Ra
 CVE-2025-53566 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53485 (SetTranslationHandler.php does not validate that the user is 
an electi ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki SecurePoll extension
 CVE-2025-53484 (User-controlled inputs are improperly escaped in:       *   
VotePage.p ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki SecurePoll extension
 CVE-2025-53483 (ArchivePage.php, UnarchivePage.php, and 
VoterEligibilityPage#executeCl ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki SecurePoll extension
 CVE-2025-53482 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki IPInfo extension
 CVE-2025-53481 (Uncontrolled Resource Consumption vulnerability in Wikimedia 
Foundatio ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki IPInfo extension
 CVE-2025-52833 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-52832 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b62e59c1cf2898c6a111e8fbed0c5597039e4bb9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b62e59c1cf2898c6a111e8fbed0c5597039e4bb9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to