Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aec89ebc by Salvatore Bonaccorso at 2026-06-30T09:26:07+02:00
Remove notes on two now rejected originally open-webui CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -104403,7 +104403,6 @@ CVE-2025-63757 (Integer overflow vulnerability in the
yuv2ya16_X_c_template func
NOTE:
https://code.ffmpeg.org/FFmpeg/FFmpeg/ac4caa33bae5841649c61d4f8a0608dfa59c4fa1
(n5.1.8)
CVE-2025-63391
REJECTED
- NOT-FOR-US: open-webui
CVE-2025-63390 (An authentication bypass vulnerability exists in AnythingLLM
v1.8.5 in ...)
NOT-FOR-US: AnythingLLM
CVE-2025-63389 (A critical authentication bypass vulnerability exists in
Ollama platfo ...)
@@ -185726,7 +185725,6 @@ CVE-2025-29659 (Yi IOT XY-3820 6.0.24.10 is
vulnerable to Remote Command Executi
NOT-FOR-US: Yi IOT XY-3820
CVE-2025-29446
REJECTED
- NOT-FOR-US: open-webui
CVE-2025-29287 (An arbitrary file upload vulnerability in the ueditor
component of MCM ...)
NOT-FOR-US: MCMS
CVE-2025-28367 (mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via
BetterIm ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec89ebc4105962d79269136cbe6d418bef5968b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec89ebc4105962d79269136cbe6d418bef5968b
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits