[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Jun 19 11:37:36 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1364a5a3 by Moritz Muehlenhoff at 2025-06-19T12:37:14+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2025-5490 (The Football Pool plugin for WordPress is vulnerable to Stored Cr
 CVE-2025-52474 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-52467 (pgai is a Python library that transforms PostgreSQL into a retrieval e ...)
-	TODO: check
+	NOT-FOR-US: pgai
 CVE-2025-50201 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-50183 (OpenList Frontend is a UI component for OpenList. Prior to version 4.0 ...)
-	TODO: check
+	NOT-FOR-US: OpenList Frontend
 CVE-2025-50182 (urllib3 is a user-friendly HTTP client library for Python. Prior to 2. ...)
 	TODO: check
 CVE-2025-50181 (urllib3 is a user-friendly HTTP client library for Python. Prior to 2. ...)
@@ -81,9 +81,9 @@ CVE-2025-45784 (D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provision
 CVE-2025-45661 (A cross-site scripting (XSS) vulnerability in miniTCG v1.3.1 beta allo ...)
 	NOT-FOR-US: miniTCG
 CVE-2025-44952 (A missing length check in `ogs_pfcp_subnet_add` function from PFCP lib ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2025-44951 (A missing length check in `ogs_pfcp_dev_add` function from PFCP librar ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2025-36049 (IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15   is vu ...)
 	NOT-FOR-US: IBM
 CVE-2025-36048 (IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could a ...)
@@ -1584,7 +1584,7 @@ CVE-2025-30641 (A link following vulnerability in the anti-malware solution port
 CVE-2025-30640 (A link following vulnerability in Trend Micro Deep Security 20.0 agent ...)
 	NOT-FOR-US: Trend Micro
 CVE-2025-23252 (The NVIDIA NVDebug tool contains a vulnerability that may allow an act ...)
-	TODO: check
+	NOT-FOR-US: NVDebug
 CVE-2025-1562 (The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-48945



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1364a5a3cb392cb853871fe25a86841a253bc688

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1364a5a3cb392cb853871fe25a86841a253bc688
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250619/dc03834d/attachment.htm>

More information about the debian-security-tracker-commits mailing list