Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e31d203f by Salvatore Bonaccorso at 2025-08-11T22:31:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,7 +19,7 @@ CVE-2025-8851 (A vulnerability was determined in LibTIFF up
to 4.5.1. Affected b
NOTE:
https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3
(v4.7.0rc1)
NOTE: Crash in CLI tool, no security impact
CVE-2025-8847 (A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1.
Affected ...)
- TODO: check
+ NOT-FOR-US: yangzongzhuan RuoYi
CVE-2025-8846 (A vulnerability has been found in NASM Netwide Assember
2.17rc0. Affec ...)
TODO: check
CVE-2025-8845 (A vulnerability was identified in NASM Netwide Assember
2.17rc0. This ...)
@@ -31,39 +31,39 @@ CVE-2025-8843 (A vulnerability was found in NASM Netwide
Assember 2.17rc0. This
CVE-2025-8842 (A vulnerability has been found in NASM Netwide Assember
2.17rc0. Affec ...)
TODO: check
CVE-2025-8841 (A vulnerability was identified in zlt2000
microservices-platform up to ...)
- TODO: check
+ NOT-FOR-US: zlt2000 microservices-platform
CVE-2025-8840 (A vulnerability was determined in jshERP up to 3.5. Affected is
an unk ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-8839 (A vulnerability was found in jshERP up to 3.5. This issue
affects some ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-8838 (A vulnerability has been found in WinterChenS my-site up to
1f7525f159 ...)
- TODO: check
+ NOT-FOR-US: WinterChenS my-site
CVE-2025-8837 (A vulnerability was identified in JasPer up to 4.2.5. This
affects the ...)
TODO: check
CVE-2025-8672 (MacOS version of GIMP bundles a Python interpreter that
inherits the T ...)
TODO: check
CVE-2025-8285 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-7679 (Missing Authentication for Critical Function vulnerability in
ABB Aspe ...)
NOT-FOR-US: ABB group
CVE-2025-7677 (Missing Authentication for Critical Function vulnerability in
ABB Aspe ...)
NOT-FOR-US: ABB group
CVE-2025-54525 (Mattermost Confluence Plugin version <1.5.0 fails to handle
unexpected ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-54478 (Mattermost Confluence Plugin version <1.5.0 fails to enforce
authentic ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-54463 (Mattermost Confluence Plugin version <1.5.0 fails to handle
unexpected ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-54458 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-54063 (Cherry Studio is a desktop client that supports for multiple
LLM provi ...)
TODO: check
CVE-2025-53910 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-53857 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-53514 (Mattermost Confluence Plugin version <1.5.0 fails to handle
unexpected ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-53191 (Missing Authentication for Critical Function vulnerability in
ABB Aspe ...)
NOT-FOR-US: ABB group
CVE-2025-53190 (A vulnerability in ABB Aspect.This issue affects Aspect:
before <3.08. ...)
@@ -75,21 +75,21 @@ CVE-2025-53188 (Insufficiently Protected Credentials
vulnerability in ABB Aspect
CVE-2025-53187 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
NOT-FOR-US: ABB group
CVE-2025-52931 (Mattermost Confluence Plugin version <1.5.0 fails to handle
unexpected ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-51824 (libcsp 2.0 is vulnerable to Buffer Overflow in the
csp_usart_open() fu ...)
TODO: check
CVE-2025-51823 (libcsp 2.0 is vulnerable to Buffer Overflow in the
csp_eth_init() func ...)
TODO: check
CVE-2025-49221 (Mattermost Confluence Plugin version <1.5.0 fails to enforce
authentic ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-48731 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-45146 (ModelCache for LLM through v0.2.0 was discovered to contain an
deseria ...)
- TODO: check
+ NOT-FOR-US: ModelCache for LLM
CVE-2025-44004 (Mattermost Confluence Plugin version <1.5.0 fails to check the
authori ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-44001 (Mattermost Confluence Plugin version <1.5.0 fails to check the
access ...)
- TODO: check
+ NOT-FOR-US: Mattermost Confluence Plugin
CVE-2025-38499 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
TODO: check
CVE-2025-25231 (Omnissa Workspace ONE UEM contains a Secondary Context Path
Traversal ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e31d203f33d851b2644e3e8b4bfa08c4a82cf127
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e31d203f33d851b2644e3e8b4bfa08c4a82cf127
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
