[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jul 1 13:15:01 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9df6c6b4 by Moritz Muehlenhoff at 2025-07-01T14:13:12+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,7 +79,7 @@ CVE-2025-53005 (DataEase is an open source business intelligence and data visual
 CVE-2025-53004 (DataEase is an open source business intelligence and data visualizatio ...)
 	NOT-FOR-US: DataEase
 CVE-2025-53003 (The Janssen Project is an open-source identity and access management ( ...)
-	TODO: check
+	NOT-FOR-US: Janssen
 CVE-2025-53001
 	REJECTED
 CVE-2025-52997 (File Browser provides a file managing interface within a specified dir ...)
@@ -113,7 +113,7 @@ CVE-2025-46702 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x
 CVE-2025-45931 (An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows  ...)
 	NOT-FOR-US: D-Link
 CVE-2025-45143 (string-math v1.2.2 was discovered to contain a Regex Denial of Service ...)
-	TODO: check
+	NOT-FOR-US: Node string-math
 CVE-2025-41439 (A reflected cross-site scripting vulnerability via a specific paramete ...)
 	NOT-FOR-US: RICOH
 CVE-2025-40734 (Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Ma ...)
@@ -141,9 +141,9 @@ CVE-2024-8419 (The endpoint hosts a script that allows an unauthorized remote at
 CVE-2024-53621 (A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 1 ...)
 	NOT-FOR-US: Tenda
 CVE-2024-49365 (tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version ...)
-	TODO: check
+	NOT-FOR-US: Node tiny-secp256k1
 CVE-2024-49364 (tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version ...)
-	TODO: check
+	NOT-FOR-US: Node tiny-secp256k1
 CVE-2024-46993 (Electron is an open source framework for writing cross-platform deskto ...)
 	- electron <itp> (bug #842420)
 CVE-2024-46992 (Electron is an open source framework for writing cross-platform deskto ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df6c6b44ad3cb8b35c5a02b29fd75c867bbfecc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df6c6b44ad3cb8b35c5a02b29fd75c867bbfecc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250701/706db430/attachment.htm>

More information about the debian-security-tracker-commits mailing list