[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 16 Sep 2025 08:15:13 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dec5eae0 by Moritz Muehlenhoff at 2025-09-16T14:06:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -222,7 +222,7 @@ CVE-2025-10479 (A security flaw has been discovered in 
SourceCodester Online Stu
 CVE-2025-10477 (A vulnerability was identified in kidaze CourseSelectionSystem 
up to 4 ...)
        NOT-FOR-US: kidaze CourseSelectionSystem
 CVE-2024-12367 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
-       TODO: check
+       NOT-FOR-US: Vega Master
 CVE-2025-24293
        - rails 2:7.2.2.2+dfsg-1
        NOTE: 
https://github.com/rails/rails/security/advisories/GHSA-r4mg-4433-c7g3
@@ -245,7 +245,7 @@ CVE-2025-9072 (Mattermost versions 10.10.x <= 10.10.1, 
10.5.x <= 10.5.9, 10.9.x
 CVE-2025-8396 (Insufficiently specific bounds checking on authorization header 
could  ...)
        NOT-FOR-US: Temporal
 CVE-2025-6202 (Vulnerability in SK Hynix DDR5 on x86 allows a local attacker 
to trigg ...)
-       TODO: check
+       NOT-FOR-US: Hynix
 CVE-2025-59399 (libocpp before 0.28.0 allows a denial of service (EVerest 
crash) becau ...)
        NOT-FOR-US: libocpp
 CVE-2025-59398 (The OCPP implementation in libocpp before 0.26.2 allows a 
denial of se ...)
@@ -169164,7 +169164,6 @@ CVE-2024-28180 (Package jose aims to provide an 
implementation of the Javascript
        NOTE: 
https://github.com/go-jose/go-jose/commit/0dd4dd541c665fb292d664f77604ba694726f298
 (v2.6.3)
        NOTE: 
https://github.com/go-jose/go-jose/commit/add6a284ea0f844fd6628cba637be5451fe4b28a
 (v3.0.3)
        NOTE: 
https://github.com/go-jose/go-jose/commit/f4c051a0653d78199a053892f7619ebf96339502
 (v4.0.1)
-       TODO: check completeness
 CVE-2024-28176 (jose is JavaScript module for JSON Object Signing and 
Encryption, prov ...)
        NOT-FOR-US: JavaScript module for JSON Object Signing and Encryption 
(panva/jose)
 CVE-2024-28123 (Wasmi is an efficient and lightweight WebAssembly interpreter 
with a f ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dec5eae060e29111ace013f2981ff3a650a3fb9a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dec5eae060e29111ace013f2981ff3a650a3fb9a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to