[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Jul 1 21:38:36 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23150043 by Salvatore Bonaccorso at 2025-07-01T22:38:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2025-6224 (Certificate generation in juju/utils using the cert.NewLeaf funct
 CVE-2025-5314 (The Dear Flipbook \u2013 PDF Flipbook, 3D Flipbook, PDF embed, PDF vie ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-5072 (Resource leak vulnerability in ASR180x\u3001ASR190x in con_mgrallows R ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-53107 (@cyanheads/git-mcp-server is an MCP server designed to interact with G ...)
 	NOT-FOR-US: cyanheads/git-mcp-server
 CVE-2025-53104 (gluestack-ui is a library of copy-pasteable components & patterns craf ...)
@@ -53,23 +53,23 @@ CVE-2025-50405 (Intelbras RX1500 Router v2.2.17 and before is vulnerable to Inco
 CVE-2025-50404 (Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Ov ...)
 	TODO: check
 CVE-2025-49492 (Out-of-bounds write in ASR180x  in lte-telephony, May cause a buffer u ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49491 (Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linu ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49490 (Resource leak vulnerability in ASR180x in router allows Resource Leak  ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49489 (Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linu ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49488 (Improper Resource Shutdown or Release vulnerability in ASR180x \u3001A ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49483 (Improper Resource Shutdown or Release vulnerability in ASR180x \u3001A ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49482 (Improper Resource Shutdown or Release vulnerability in ASR180x \u3001A ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49481 (Improper Resource Shutdown or Release vulnerability in ASR180x \u3001A ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49480 (Out-of-bounds access in ASR180x \u3001ASR190x  in lte-telephony,  This ...)
-	TODO: check
+	NOT-FOR-US: ASR Microelectronics
 CVE-2025-49029 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48379 (Pillow is a Python imaging library. In versions 11.2.0 to before 11.3. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2315004377c30549c36774e6ea76418b6e76e6a5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2315004377c30549c36774e6ea76418b6e76e6a5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250701/1437635e/attachment.htm>
