[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 10 08:14:23 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0beade3 by security tracker role at 2025-12-10T08:14:15+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-9571 (A remote code execution (RCE) vulnerability exists in Google Cloud Dat ...)
 	TODO: check
 CVE-2025-9056 (Unprotected service in the AudioLink component allows a local attacker ...)
-	TODO: check
+	NOT-FOR-US: TECNO Mobile
 CVE-2025-67613
 	REJECTED
 CVE-2025-67612
@@ -29,7 +29,7 @@ CVE-2025-67503
 CVE-2025-67502 (Taguette is an open source qualitative research tool. In versions 1.5. ...)
 	TODO: check
 CVE-2025-67501 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-67500 (Mastodon is a free, open-source social network server based on Activit ...)
 	TODO: check
 CVE-2025-67499 (The CNI portmap plugin allows containers to emulate opening a host por ...)
@@ -39,7 +39,7 @@ CVE-2025-67498
 CVE-2025-67497
 	REJECTED
 CVE-2025-67496 (WeGIA is an open source Web Manager for Institutions with a focus on P ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-67495 (ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0 ...)
 	TODO: check
 CVE-2025-67494 (ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 ...)
@@ -55,7 +55,7 @@ CVE-2025-66645 (NiceGUI is a Python-based UI framework. Versions 3.3.1 and below
 CVE-2025-66626 (Argo Workflows is an open source container-native workflow engine for  ...)
 	TODO: check
 CVE-2025-66625 (Umbraco is an ASP.NET CMS. Due to unsafe handling and deletion of temp ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2025-66457 (Elysia is a Typescript framework for request validation, type inferenc ...)
 	TODO: check
 CVE-2025-66039 (FreePBX Endpoint Manager is a module for managing telephony endpoints  ...)
@@ -63,55 +63,55 @@ CVE-2025-66039 (FreePBX Endpoint Manager is a module for managing telephony endp
 CVE-2025-65513 (fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forge ...)
 	TODO: check
 CVE-2025-64899 (Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64898 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64897 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64896 (Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64787 (Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64786 (Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-64785 (Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.0 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61823 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61822 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61821 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61813 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61812 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61811 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61810 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61809 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61808 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-36437 (IBM Planning Analytics Local2.1.0 -2.1.15 could disclose sensitive inf ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-34425 (MailEnable versions prior to 10.54 contain a reflected cross-site scri ...)
-	TODO: check
+	NOT-FOR-US: MailEnable
 CVE-2025-13760
 	REJECTED
 CVE-2025-13743 (Docker Desktop diagnostics bundles were found to include expired Hub P ...)
-	TODO: check
+	NOT-FOR-US: Docker products not packaged in Debian
 CVE-2025-13677 (The Simple Download Counter plugin for WordPress is vulnerable to Path ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13613 (The Elated Membership plugin for WordPress is vulnerable to Authentica ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13339 (The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13073 (The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13072 (The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12952 (A privilege escalation vulnerability exists in Google Cloud's Dialogfl ...)
 	TODO: check
 CVE-2023-53774 (MiniDVBLinux 5.4 contains a remote code execution vulnerability in the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0beade35e296d343289a10a937c544e33ce6b24

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0beade35e296d343289a10a937c544e33ce6b24
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251210/63128e55/attachment.htm>

More information about the debian-security-tracker-commits mailing list