[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 17 09:24:35 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
940c9f82 by Moritz Muehlenhoff at 2025-06-17T10:24:16+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-6173 (A vulnerability classified as critical was found in Webkul QloApps 1.6 ...)
-	TODO: check
+	NOT-FOR-US: Webkul QloApps
 CVE-2025-6167 (A vulnerability classified as critical has been found in themanojdesai ...)
-	TODO: check
+	NOT-FOR-US: themanojdesai python-a2a
 CVE-2025-6166 (A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been ...)
-	TODO: check
+	NOT-FOR-US: Agent Zero AI framework
 CVE-2025-6165 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6164 (A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It  ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6163 (A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615 and ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6162 (A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6161 (A vulnerability, which was classified as critical, was found in Source ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-6160 (A vulnerability, which was classified as critical, has been found in S ...)
@@ -31,33 +31,33 @@ CVE-2025-6154 (A vulnerability was found in PHPGurukul Hostel Management System
 CVE-2025-6153 (A vulnerability has been found in PHPGurukul Hostel Management System  ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-6152 (A vulnerability, which was classified as critical, was found in Steel  ...)
-	TODO: check
+	NOT-FOR-US: Steel Browser
 CVE-2025-6151 (A vulnerability, which was classified as critical, has been found in T ...)
 	NOT-FOR-US: TP-Link
 CVE-2025-6150 (A vulnerability classified as critical was found in TOTOLINK X15 1.0.0 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6149 (A vulnerability classified as critical has been found in TOTOLINK A300 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6148 (A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6147 (A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It h ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6146 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6145 (A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6144 (A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6143 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6142 (A vulnerability was found in Intera InHire up to 20250530. It has been ...)
-	TODO: check
+	NOT-FOR-US: Intera InHire
 CVE-2025-6141 (A vulnerability has been found in GNU ncurses up to 6.5-20250322 and c ...)
 	TODO: check
 CVE-2025-6139 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-6138 (A vulnerability classified as critical was found in TOTOLINK T10 4.1.8 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5673 (The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-5209 (The Ivory Search  WordPress plugin before 5.5.10 does not sanitise and ...)
@@ -85,13 +85,13 @@ CVE-2025-4775 (The WordPress Infinite Scroll \u2013 Ajax Load More plugin for Wo
 CVE-2025-49823 ((conda) Constructor is a tool which allows constructing an installer f ...)
 	TODO: check
 CVE-2025-49134 (Weblate is a web based localization tool. Prior to version 5.12, the a ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-48993 (Group-Office is an enterprise customer relationship management and gro ...)
-	TODO: check
+	NOT-FOR-US: Group-Office
 CVE-2025-48992 (Group-Office is an enterprise customer relationship management and gro ...)
-	TODO: check
+	NOT-FOR-US: Group-Office
 CVE-2025-47951 (Weblate is a web based localization tool. Prior to version 5.12, the v ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-43200 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2025-3774 (The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site  ...)
@@ -101,9 +101,9 @@ CVE-2025-3494
 CVE-2025-3493
 	REJECTED
 CVE-2025-32800 (Conda-build contains commands and tools to build conda packages. Prior ...)
-	TODO: check
+	NOT-FOR-US: Conda-build
 CVE-2025-32799 (Conda-build contains commands and tools to build conda packages. Prior ...)
-	TODO: check
+	NOT-FOR-US: Conda-build
 CVE-2025-27587 (OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable  ...)
 	TODO: check
 CVE-2024-45380



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/940c9f82bf3c4769afcf920d78df290491c816df

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/940c9f82bf3c4769afcf920d78df290491c816df
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250617/a8dbbfde/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list