[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 25 21:08:41 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16979fee by Salvatore Bonaccorso at 2025-12-25T22:08:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-68936 (ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This ...)
-	TODO: check
+	NOT-FOR-US: ONLYOFFICE Docs
 CVE-2025-68935 (ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Mul ...)
-	TODO: check
+	NOT-FOR-US: ONLYOFFICE Docs
 CVE-2025-2406 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Trizbi
 CVE-2025-2405 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Titarus
 CVE-2025-2307 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Aidango
 CVE-2025-15085 (A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2. ...)
-	TODO: check
+	NOT-FOR-US: youlaitech youlai-mall
 CVE-2025-15084 (A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0.  ...)
-	TODO: check
+	NOT-FOR-US: youlaitech youlai-mall
 CVE-2025-15083 (A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affec ...)
-	TODO: check
+	NOT-FOR-US: TOZED ZLT M30s
 CVE-2025-15082 (A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an ...)
-	TODO: check
+	NOT-FOR-US: TOZED ZLT M30s
 CVE-2025-15081 (A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This is ...)
-	TODO: check
+	NOT-FOR-US: JD Cloud BE6500
 CVE-2025-8769 (Telenium Online Web Application is vulnerable due to a Perl script tha ...)
 	NOT-FOR-US: Telenium Online Web Application
 CVE-2025-68922 (OpenOps before 0.6.11 allows remote code execution in the Terraform bl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16979fee3bea1cbf0c7c0690a9b38905b386a632

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16979fee3bea1cbf0c7c0690a9b38905b386a632
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251225/5f3ad995/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list