[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 7 10:17:24 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
05d156ae by Salvatore Bonaccorso at 2025-06-07T11:17:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2025-49128 (Jackson-core contains core low-level incremental ("streaming") p
NOTE: https://github.com/FasterXML/jackson-core/pull/652
NOTE: https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8 (jackson-core-2.13.0-rc1)
CVE-2025-49127 (Kafbat UI is a web user interface for managing Apache Kafka clusters. ...)
- TODO: check
+ NOT-FOR-US: Kafbat UI
CVE-2025-47601 (Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-5806 (Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling reports in ...)
@@ -28,7 +28,7 @@ CVE-2025-5793 (A vulnerability, which was classified as critical, was found in T
CVE-2025-5792 (A vulnerability, which was classified as critical, has been found in T ...)
NOT-FOR-US: TOTOLINK
CVE-2025-5791 (A flaw was found in the user's crate for Rust. This vulnerability allo ...)
- TODO: check
+ NOT-FOR-US: users Rust crate
CVE-2025-5790 (A vulnerability classified as critical was found in TOTOLINK X15 1.0.0 ...)
NOT-FOR-US: TOTOLINK
CVE-2025-5789 (A vulnerability classified as critical has been found in TOTOLINK X15 ...)
@@ -314,7 +314,7 @@ CVE-2025-41361 (Uncontrolled resource consumption vulnerability in IDF v0.10.0-0
CVE-2025-41360 (Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 ...)
NOT-FOR-US: IDF and ZLF
CVE-2025-3485 (Allegra extractFileFromZip Directory Traversal Remote Code Execution V ...)
- TODO: check
+ NOT-FOR-US: Allegra
CVE-2025-3365 (A missing protection against path traversal allows to access any file ...)
TODO: check
CVE-2025-3322 (An improper neutralization of inputs used in expression language allow ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d156ae7cb81e2f60cb11aa478c86686686e7d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d156ae7cb81e2f60cb11aa478c86686686e7d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/564c3b18/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list