[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 2 21:23:01 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7df2bce2 by Salvatore Bonaccorso at 2025-06-02T22:22:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2025-5439 (A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE63
 CVE-2025-5438 (A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, R ...)
 	NOT-FOR-US: Linksys
 CVE-2025-5437 (A vulnerability classified as critical has been found in Multilaser Si ...)
-	TODO: check
+	NOT-FOR-US: Multilaser Sirius RE016 MLT1.0
 CVE-2025-5086 (A deserialization of untrusted data vulnerability affecting DELMIA Apr ...)
 	NOT-FOR-US: Dassault Systemes
 CVE-2025-5036 (A maliciously crafted RFA file, when linked or imported into Autodesk  ...)
@@ -29,19 +29,19 @@ CVE-2025-5036 (A maliciously crafted RFA file, when linked or imported into Auto
 CVE-2025-49069 (Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting  ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48996 (HAX open-apis provides microservice apis for HAX webcomponents repo th ...)
-	TODO: check
+	NOT-FOR-US: HAX open-apis
 CVE-2025-48995 (SignXML is an implementation of the W3C XML Signature standard in Pyth ...)
 	TODO: check
 CVE-2025-48994 (SignXML is an implementation of the W3C XML Signature standard in Pyth ...)
 	TODO: check
 CVE-2025-48990 (NeKernal is a free and open-source operating system stack. Version 0.0 ...)
-	TODO: check
+	NOT-FOR-US: NeKernal
 CVE-2025-48958 (Froxlor is open source server administration software. Prior to versio ...)
 	TODO: check
 CVE-2025-48957 (AstrBot is a large language model chatbot and development framework. A ...)
-	TODO: check
+	NOT-FOR-US: AstrBot
 CVE-2025-48955 (Para is a multitenant backend server/framework for object persistence  ...)
-	TODO: check
+	NOT-FOR-US: Para
 CVE-2025-48941 (MyBB is free and open source forum software. Prior to version 1.8.39,  ...)
 	NOT-FOR-US: MyBB
 CVE-2025-48940 (MyBB is free and open source forum software. Prior to version 1.8.39,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7df2bce2c5e3341857bea1472ce4d81e79cb2e0f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7df2bce2c5e3341857bea1472ce4d81e79cb2e0f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250602/14b00fc2/attachment.htm>

More information about the debian-security-tracker-commits mailing list