[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 15 08:38:14 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f487839 by Salvatore Bonaccorso at 2025-12-15T09:37:54+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
 CVE-2025-67907
 	REJECTED
 CVE-2025-67906 (In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp a ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2025-67901 (openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other p ...)
-	TODO: check
+	NOT-FOR-US: openrsync
 CVE-2025-67900 (NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF  ...)
-	TODO: check
+	NOT-FOR-US: NXLog Agent
 CVE-2025-67899 (uriparser through 0.9.9 allows unbounded recursion and stack consumpti ...)
 	- uriparser <unfixed>
 	NOTE: https://github.com/uriparser/uriparser/issues/282
 	NOTE: https://github.com/uriparser/uriparser/pull/284
 CVE-2025-67898 (MJML through 4.18.0 allows mj-include directory traversal to test file ...)
-	TODO: check
+	NOT-FOR-US: MJML
 CVE-2025-14712 (Student Learning Assessment and Support System developed by JHENG GAO  ...)
-	TODO: check
+	NOT-FOR-US: Student Learning Assessment and Support System
 CVE-2025-14710 (A vulnerability was detected in FantasticLBP Hotels Server up to 67b44 ...)
-	TODO: check
+	NOT-FOR-US: FantasticLBP Hotels Server
 CVE-2025-14709 (A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox N3
 CVE-2025-14708 (A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affecte ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14707 (A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Af ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14706 (A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This im ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14705 (A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This af ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14704 (A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14703 (A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The aff ...)
-	TODO: check
+	NOT-FOR-US: Shiguangwu sgwbox
 CVE-2025-14702 (A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4.  ...)
-	TODO: check
+	NOT-FOR-US: Smartbit CommV Smartschool App
 CVE-2025-14699 (A security vulnerability has been detected in Municorn FAX App 3.27.0  ...)
-	TODO: check
+	NOT-FOR-US: Municorn FAX App
 CVE-2025-14698 (A weakness has been identified in atlaszz AI Photo Team Galleryit App  ...)
-	TODO: check
+	NOT-FOR-US: atlaszz AI Photo Team Galleryit App
 CVE-2025-14697 (A security flaw has been discovered in Shenzhen Sixun Software Sixun S ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen Sixun Software Sixun Shanghui Group Business Management System
 CVE-2025-14696 (A vulnerability was identified in Shenzhen Sixun Software Sixun Shangh ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen Sixun Software Sixun Shanghui Group Business Management System
 CVE-2025-14695 (A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896 ...)
-	TODO: check
+	NOT-FOR-US: SamuNatsu HaloBot
 CVE-2025-14694 (A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the ...)
-	TODO: check
+	NOT-FOR-US: ketr JEPaaS
 CVE-2025-14693 (A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This aff ...)
-	TODO: check
+	NOT-FOR-US: Ugreen DH2100+
 CVE-2025-14692 (A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element ...)
-	TODO: check
+	NOT-FOR-US: Mayan EDMS
 CVE-2025-14691 (A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected  ...)
-	TODO: check
+	NOT-FOR-US: Mayan EDMS
 CVE-2025-14549 (In the Eclipse OMR compiler component, since release 0.7.0, an optimiz ...)
 	TODO: check
 CVE-2025-14023 (LINE client for iOS prior to 15.19 allows UI spoofing due to inconsist ...)
-	TODO: check
+	NOT-FOR-US: LINE client for iOS
 CVE-2025-14022 (LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due ...)
-	TODO: check
+	NOT-FOR-US: LINE client for iOS
 CVE-2025-14021 (The in-app browser in LINE client for iOS versions prior to 14.14 is v ...)
-	TODO: check
+	NOT-FOR-US: LINE client for iOS
 CVE-2025-14020 (LINE client for Android versions prior to 14.20 contains a UI spoofing ...)
-	TODO: check
+	NOT-FOR-US: LINE client for Android
 CVE-2025-14019 (LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI ...)
-	TODO: check
+	NOT-FOR-US: LINE client for Android
 CVE-2025-13740 (The Lightweight Accordion plugin for WordPress is vulnerable to Stored ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-13355 (The URL Shortify  WordPress plugin before 1.11.4 does not sanitise and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f487839415301d1b304e39757366a95b93e0793

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f487839415301d1b304e39757366a95b93e0793
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251215/7a704776/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list