Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
37e7473b by Moritz Muehlenhoff at 2025-09-12T17:41:14+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,7 +28,7 @@ CVE-2025-58754 (Axios is a promise based HTTP client for the
browser and Node.js
NOTE: https://github.com/axios/axios/pull/7011
NOTE:
https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593
(v1.12.0)
CVE-2025-55319 (Ai command injection in Agentic AI and Visual Studio Code
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-4974
REJECTED
CVE-2025-43789 (JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119,
and Lifer ...)
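Review bot: The new tag on CVE-2025-55319, `NOT-FOR-US: Microsoft`, names only the vendor, while the description refers to Visual Studio Code and the other NOT-FOR-US lines visible in this patch name the product (Daikin Security Gateway, Mockoon, DeepChat). Consider naming the product in the tag, so that a search of the list for the product name finds this entry.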
@@ -169,7 +169,7 @@ CVE-2025-10251 (A vulnerability was detected in FoxCMS up
to 1.24. Affected by t
CVE-2025-10250 (A weakness has been identified in DJI Mavic Spark, Mavic Air
and Mavic ...)
NOT-FOR-US: Mavic
CVE-2025-10193 (DNS rebinding vulnerability in Neo4j Cypher MCP server allows
maliciou ...)
- TODO: check
+ NOT-FOR-US: Neo4j Cypher MCP server
CVE-2025-10127 (Daikin Security Gateway is vulnerable to an authorization
bypass throu ...)
NOT-FOR-US: Daikin Security Gateway
CVE-2025-39791 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
@@ -566,7 +566,7 @@ CVE-2025-6189 (The Duplicate Page and Post plugin for
WordPress is vulnerable to
CVE-2025-59049 (Mockoon provides way to design and run mock APIs. Prior to
version 9.2 ...)
NOT-FOR-US: Mockoon
CVE-2025-59046 (The npm package `interactive-git-checkout` is an interactive
command-l ...)
- TODO: check
+ NOT-FOR-US: Node interactive-git-checkout
CVE-2025-59045 (Stalwart is a mail and collaboration server. Starting in
version 0.12. ...)
- stalwart <itp> (bug #1109537)
CVE-2025-59044 (Himmelblau is an interoperability suite for Microsoft Azure
Entra ID a ...)
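Review bot: On CVE-2025-59046 the tag `NOT-FOR-US: Node interactive-git-checkout` adds an ecosystem prefix, whereas the description calls it an npm package and the wabac.js entry added in this same commit carries no prefix at all. Suggest settling on one form for JavaScript packages (either prefix both or neither) so the tags stay consistent within the list.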
@@ -590,7 +590,7 @@ CVE-2025-59034 (Indico is an event management system that
uses Flask-Multipass,
CVE-2025-58768 (DeepChat is a smart assistant uses artificial intelligence.
Prior to v ...)
NOT-FOR-US: DeepChat
CVE-2025-58765 (wabac.js provides a full web archive replay system, or
'wayback machin ...)
- TODO: check
+ NOT-FOR-US: wabac.js
CVE-2025-58764 (Claude Code is an agentic coding tool. Due to an error in
command pars ...)
NOT-FOR-US: Claude Code
CVE-2025-58763 (Tautulli is a Python based monitoring and tracking tool for
Plex Media ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37e7473be6e85ed4364526866f22daa7d562fbe9