[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
770d74fe by Moritz Muehlenhoff at 2025-12-19T16:00:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2025-68385 (Improper neutralization of input during web page generation ('Cr
 CVE-2025-68384 (Allocation of Resources Without Limits or Throttling (CWE-770) in Elas ...)
 	- elasticsearch <removed>
 CVE-2025-68383 (Improper Validation of Specified Index, Position, or Offset in Input ( ...)
-	TODO: check
+	NOT-FOR-US: Elastic Filebeat
 CVE-2025-68382 (Out-of-bounds read (CWE-125) allows an unauthenticated remote attacker ...)
 	- packetbeat <itp> (bug #806484)
 CVE-2025-68381 (Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unaut ...)
@@ -117,15 +117,15 @@ CVE-2025-63948 (A SQL Injection vulnerability exists in phpMsAdmin version 2.2 i
 CVE-2025-63947 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in phpMsAd ...)
 	NOT-FOR-US: phpMsAdmin
 CVE-2025-62004 (BullWall Server Intrusion Protection services are initialized after lo ...)
-	TODO: check
+	NOT-FOR-US: BullWall
 CVE-2025-62003 (BullWall Server Intrusion Protection has a noticeable delay before the ...)
-	TODO: check
+	NOT-FOR-US: BullWall
 CVE-2025-62002 (BullWall Ransomware Containment relies on the number of file modificat ...)
-	TODO: check
+	NOT-FOR-US: BullWall
 CVE-2025-62001 (BullWall Ransomware Containment contains excluded file paths, such as  ...)
-	TODO: check
+	NOT-FOR-US: BullWall
 CVE-2025-62000 (BullWall Ransomware Containment does not entirely inspect a file to de ...)
-	TODO: check
+	NOT-FOR-US: BullWall
 CVE-2025-59529 (Avahi is a system which facilitates service discovery on a local netwo ...)
 	- avahi <unfixed>
 	NOTE: https://github.com/avahi/avahi/security/advisories/GHSA-73wf-3xmj-x82q
@@ -133,11 +133,11 @@ CVE-2025-59529 (Avahi is a system which facilitates service discovery on a local
 CVE-2025-53710 (Due to a product misconfiguration in certain deployment types, it was  ...)
 	NOT-FOR-US: Palantir
 CVE-2025-52692 (Successful exploitation of the vulnerability could allow an attacker w ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-46268 (Advantech WebAccess/SCADA is vulnerable to SQL injection, which may al ...)
 	NOT-FOR-US: Advantech
 CVE-2025-34452 (Streama versions 1.10.0 through 1.10.5 and prior to commit b7c8767 con ...)
-	TODO: check
+	NOT-FOR-US: Streama
 CVE-2025-34451 (rofl0r/proxychains-ng versions up to and including 4.17 and prior to c ...)
 	TODO: check
 CVE-2025-34450 (merbanan/rtl_433 versions up to and including 25.02 and prior to commi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/770d74fe1bdfb8b1c269b4bc87d29b7f3011a61b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/770d74fe1bdfb8b1c269b4bc87d29b7f3011a61b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251219/b339dd1f/attachment-0001.htm>