[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 14 08:13:52 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43a69d30 by security tracker role at 2025-11-14T08:13:37+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2025-64753 (grist-core is a spreadsheet hosting server. Prior to version 1.7
 CVE-2025-64752 (grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a  ...)
 	TODO: check
 CVE-2025-64749 (Directus is a real-time API and App dashboard for managing SQL databas ...)
-	TODO: check
+	NOT-FOR-US: Directus
 CVE-2025-64748 (Directus is a real-time API and App dashboard for managing SQL databas ...)
-	TODO: check
+	NOT-FOR-US: Directus
 CVE-2025-64747 (Directus is a real-time API and App dashboard for managing SQL databas ...)
-	TODO: check
+	NOT-FOR-US: Directus
 CVE-2025-64746 (Directus is a real-time API and App dashboard for managing SQL databas ...)
-	TODO: check
+	NOT-FOR-US: Directus
 CVE-2025-64745 (Astro is a web framework. Starting in version 5.2.0 and prior to versi ...)
 	TODO: check
 CVE-2025-64744 (OpenObserve is a cloud-native observability platform. In versions up t ...)
@@ -27,7 +27,7 @@ CVE-2025-55073 (Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12
 CVE-2025-55070 (Mattermost versions <11 fail to enforce multi-factor authentication on ...)
 	TODO: check
 CVE-2025-4619 (A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS s ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-47913 (SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed respons ...)
 	TODO: check
 CVE-2025-47222 (Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue  ...)
@@ -39,13 +39,13 @@ CVE-2025-47220 (Keyfactor SignServer before 7.3.1 has Incorrect Access Control,
 CVE-2025-41436 (Mattermost versions <11.0 fail to properly enforce the "Allow users to ...)
 	TODO: check
 CVE-2025-36251 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS i ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36250 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly kn ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36236 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly kn ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36096 (IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-13161 (IQ-Support developed by IQ Service International has an Arbitrary File ...)
 	TODO: check
 CVE-2025-13160 (IQ-Support developed by IQ Service International has a Exposure of Sen ...)
@@ -61,11 +61,11 @@ CVE-2025-13102 (Inappropriate implementation in WebApp Installs in Google Chrome
 CVE-2025-13097 (Inappropriate implementation in DevTools in Google Chrome prior to 136 ...)
 	TODO: check
 CVE-2025-12904 (The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11776 (Mattermost versions <11 fail to properly restrict access to archived c ...)
 	TODO: check
 CVE-2025-10686 (The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9126 (Use after free in Internals in Google Chrome on iOS prior to 127.0.653 ...)
 	TODO: check
 CVE-2024-7021 (Inappropriate implementation in Autofill in Google Chrome on Windows p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43a69d30390664041dcbdd2c7b798f65cf29a8b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43a69d30390664041dcbdd2c7b798f65cf29a8b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251114/b9a6e4e0/attachment.htm>

More information about the debian-security-tracker-commits mailing list