[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 24 08:13:48 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6fc194df by security tracker role at 2025-12-24T08:13:41+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2025-68664 (LangChain is a framework for building agents and LLM-powered app
 CVE-2025-68617 (FluidSynth is a software synthesizer based on the SoundFont 2 specific ...)
 	TODO: check
 CVE-2025-66445 (Authorization bypass vulnerability in Hitachi Infrastructure Analytics ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2025-66444 (Cross-site Scripting vulnerability in Hitachi Infrastructure Analytics ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2025-66213 (Coolify is an open-source and self-hostable tool for managing servers, ...)
 	TODO: check
 CVE-2025-66212 (Coolify is an open-source and self-hostable tool for managing servers, ...)
@@ -45,25 +45,25 @@ CVE-2025-66209 (Coolify is an open-source and self-hostable tool for managing se
 CVE-2025-64641 (Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10. ...)
 	TODO: check
 CVE-2025-57840 (ADB(Android Debug Bridge) is affected by type privilege bypass, succes ...)
-	TODO: check
+	NOT-FOR-US: Honor
 CVE-2025-15053 (A flaw has been found in code-projects Student Information System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15052 (A vulnerability was detected in code-projects Student Information Syst ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15050 (A security vulnerability has been detected in code-projects Student Fi ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15049 (A vulnerability was identified in code-projects Online Farm System 1.0 ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15048 (A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts a ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-15047 (A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unk ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-15046 (A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted e ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-15045 (A flaw has been found in Tenda WH450 1.0.0.18. The affected element is ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-15044 (A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an u ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-14936 (NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote ...)
 	TODO: check
 CVE-2025-14935 (NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote  ...)
@@ -175,7 +175,7 @@ CVE-2025-14402 (PDFsam Enhanced DOC File Insufficient UI Warning Remote Code Exe
 CVE-2025-14401 (PDFsam Enhanced App Out-Of-Bounds Read Remote Code Execution Vulnerabi ...)
 	TODO: check
 CVE-2025-13773 (The Print Invoice & Delivery Notes for WooCommerce plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13767 (Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10. ...)
 	TODO: check
 CVE-2025-13716 (Tencent MimicMotion create_pipeline Deserialization of Untrusted Data  ...)
@@ -207,7 +207,7 @@ CVE-2025-13700 (DreamFactory saveZipFile Command Injection Remote Code Execution
 CVE-2025-13698 (Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary ...)
 	TODO: check
 CVE-2025-13407 (The Gravity Forms WordPress plugin before 2.9.23.1 does not properly p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12840 (Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer ...)
 	TODO: check
 CVE-2025-12839 (Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fc194df3ed08bf44ecb574d58be4db062a27266

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fc194df3ed08bf44ecb574d58be4db062a27266
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251224/4f8012b6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list