Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8759f334 by Salvatore Bonaccorso at 2026-07-04T09:19:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,37 +191,37 @@ CVE-2026-12252 (In nltk/nltk versions 3.9.3 and earlier, 
five Stanford interface
 CVE-2025-71380 (The Execute Command node in n8n allows authenticated users to 
execute  ...)
        TODO: check
 CVE-2025-71375 (picklescan before 0.0.34 fails to detect the 
_operator.methodcaller bu ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71373 (picklescan before 0.0.33 fails to detect operator.methodcaller 
functio ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71372 (Picklescan before 0.0.33 fails to detect the 
numpy.f2py.crackfortran.g ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71369 (picklescan before 0.0.28 fails to detect malicious pickle 
files that u ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71367 (picklescan before 0.0.34 fails to detect _operator.attrgetter 
function ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71366 (picklescan before 0.0.28 fails to detect malicious 
torch.utils.bottlen ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71364 (picklescan before 0.0.30 fails to detect the 
asyncio.unix_events._Unix ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71362 (picklescan before 0.0.33 fails to detect unsafe 
deserialization when n ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71360 (picklescan before 0.0.29 fails to detect malicious pickle 
files using  ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71359 (picklescan before 0.0.29 fails to detect malicious pickle 
payloads tha ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71356 (picklescan before 0.0.28 fails to detect malicious 
torch.fx.experiment ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71353 (picklescan before 0.0.28 fails to detect malicious pickle 
files that e ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71347 (picklescan before 0.0.33 fails to detect malicious pickle 
files using  ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71345 (picklescan before 0.0.30 fails to detect malicious pickle 
files that i ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71343 (picklescan before 0.0.30 fails to detect malicious pickle 
files that e ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2025-71342 (picklescan before 0.0.30 fails to detect malicious pickle 
files using  ...)
-       TODO: check
+       NOT-FOR-US: picklescan
 CVE-2026-12893 [gstreamer1-libav: gstreamer1-libav: NULL pointer dereference 
in gstavdemux.c error handler]
        - gst-libav1.0 <undetermined>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2491322 (not yet 
public)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8759f334c241e8cd94dd62c76a13913723b12c36

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8759f334c241e8cd94dd62c76a13913723b12c36
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to