[Git][security-tracker-team/security-tracker][master] Add new netcdf issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 24 22:16:01 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dca7aeb2 by Salvatore Bonaccorso at 2025-12-24T23:15:26+01:00
Add new netcdf issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1786,15 +1786,25 @@ CVE-2025-15045 (A flaw has been found in Tenda WH450 1.0.0.18. The affected elem
 CVE-2025-15044 (A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an u ...)
 	NOT-FOR-US: Tenda
 CVE-2025-14936 (NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote ...)
-	TODO: check
+	- netcdf <unfixed>
+	- netcdf-parallel <unfixed>
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1155/
 CVE-2025-14935 (NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote  ...)
-	TODO: check
+	- netcdf <unfixed>
+	- netcdf-parallel <unfixed>
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1154/
 CVE-2025-14934 (NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote  ...)
-	TODO: check
+	- netcdf <unfixed>
+	- netcdf-parallel <unfixed>
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1152/
 CVE-2025-14933 (NSF Unidata NetCDF-C NC Variable Integer Overflow Remote Code Executio ...)
-	TODO: check
+	- netcdf <unfixed>
+	- netcdf-parallel <unfixed>
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1151/
 CVE-2025-14932 (NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code ...)
-	TODO: check
+	- netcdf <unfixed>
+	- netcdf-parallel <unfixed>
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1153/
 CVE-2025-14931 (Hugging Face smolagents Remote Python Executor Deserialization of Untr ...)
 	NOT-FOR-US: Hugging Face smolagents
 CVE-2025-14930 (Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remot ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca7aeb24b5c438b237c28539a054f0997dcd46f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca7aeb24b5c438b237c28539a054f0997dcd46f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251224/dca62b18/attachment.htm>

More information about the debian-security-tracker-commits mailing list