[Git][security-tracker-team/security-tracker][master] Remove one reference for CVE-2025-7969

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 24 07:39:52 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
83c85449 by Salvatore Bonaccorso at 2025-08-24T08:37:22+02:00
Remove one reference for CVE-2025-7969

Remove the one reference to the advisory site. Issue is disupted as
having security impact from upstream so mark it now at least as
unimportant.

Thanks: Daniel Leidert for the triage.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -627,11 +627,10 @@ CVE-2025-8402 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <=
 CVE-2025-8064 (The Bible SuperSearch plugin for WordPress is vulnerable to Stored Cro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7969 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	- node-markdown-it <unfixed>
-	TODO: check upstream details
-	NOTE: https://fluidattacks.com/advisories/fito
+	- node-markdown-it <unfixed> (unimportant)
 	NOTE: https://github.com/markdown-it/markdown-it/issues/1122
-	NOTE: Upstream disputes issue
+	NOTE: Upstream disputes issue:
+	NOTE: https://github.com/markdown-it/markdown-it/issues/1122#issuecomment-3215928097
 CVE-2025-7051 (On N-central, it is possible for any authenticated user to read, write ...)
 	NOT-FOR-US: N-central
 CVE-2025-6465 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 10.10.x <= 10. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83c85449b64e5367ad06e1a43233f4f4a906da00

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83c85449b64e5367ad06e1a43233f4f4a906da00
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250824/747aa65b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list