[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcc9cdd9 by Moritz Muehlenhoff at 2025-06-18T10:17:40+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2025-51381 (An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and  ...)
-	TODO: check
+	NOT-FOR-US: KCM3100
 CVE-2025-50202 (Lychee is a free photo-management tool. In versions starting from 6.6. ...)
-	TODO: check
+	NOT-FOR-US: Lychee
 CVE-2025-4955 (The tarteaucitron.io WordPress plugin before 1.9.5 uses query paramete ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4413 (The Pixabay Images plugin for WordPress is vulnerable to arbitrary fil ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-49843 (conda-smithy is a tool for combining a conda recipe with configuration ...)
-	TODO: check
+	NOT-FOR-US: conda-smithy
 CVE-2025-49825 (Teleport provides connectivity, authentication, access controls and au ...)
-	TODO: check
+	NOT-FOR-US: Teleport
 CVE-2025-49824 (conda-smithy is a tool for combining a conda recipe with configuration ...)
-	TODO: check
+	NOT-FOR-US: conda-smithy
 CVE-2025-49593 (Portainer Community Edition is a lightweight service delivery platform ...)
-	TODO: check
+	NOT-FOR-US: Portainer
 CVE-2025-49385 (Trend Micro Security 17.8 (Consumer) is vulnerable to a link following ...)
 	NOT-FOR-US: Trend Micro
 CVE-2025-49384 (Trend Micro Security 17.8 (Consumer) is vulnerable to a link following ...)
@@ -35,15 +35,15 @@ CVE-2025-49212 (An insecure deserialization operation in the Trend Micro Endpoin
 CVE-2025-49211 (A SQL injection vulnerability in the Trend Micro Endpoint Encryption P ...)
 	NOT-FOR-US: Trend Micro
 CVE-2025-49149 (Dify is an open-source LLM app development platform. In version 1.2.0, ...)
-	TODO: check
+	NOT-FOR-US: Dify
 CVE-2025-48443 (Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below i ...)
 	NOT-FOR-US: Trend Micro
 CVE-2025-41413 (Fuji Electric Smart Editoris vulnerable to an out-of-bounds write, whi ...)
-	TODO: check
+	NOT-FOR-US: Fuji
 CVE-2025-41388 (Fuji Electric Smart Editor is vulnerable to a stack-based buffer overf ...)
-	TODO: check
+	NOT-FOR-US: Fuji
 CVE-2025-32412 (Fuji Electric Smart Editoris vulnerable to an out-of-bounds read, whic ...)
-	TODO: check
+	NOT-FOR-US: Fuji
 CVE-2025-30642 (A link following vulnerability in Trend Micro Deep Security 20.0 agent ...)
 	NOT-FOR-US: Trend Micro
 CVE-2025-30641 (A link following vulnerability in the anti-malware solution portion of ...)
@@ -82,7 +82,7 @@ CVE-2025-6069 (The html.parser.HTMLParser class had worse-case quadratic complex
 	NOTE: https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b (v3.14.0b3)
 	NOTE: https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 (3.13-branch)
 CVE-2025-6050 (Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: Mezzanine CMS
 CVE-2025-5777 (Insufficient input validation leading to memory overreadon the NetScal ...)
 	NOT-FOR-US: Citrix
 CVE-2025-5700 (The Simple Logo Carousel plugin for WordPress is vulnerable to Stored  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc9cdd927a1dd9f95ff9f8e52514cb551a46799

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc9cdd927a1dd9f95ff9f8e52514cb551a46799
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250618/10de86d6/attachment.htm>