[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 26 08:53:33 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1b4a3e4 by Salvatore Bonaccorso at 2025-11-26T09:51:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2025-66025 (Caido is a web security auditing toolkit. Prior to version 0.53.
CVE-2025-66022 (FACTION is a PenTesting Report Generation and Collaboration Framework. ...)
NOT-FOR-US: FACTION
CVE-2025-66021 (OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in ...)
- TODO: check
+ NOT-FOR-US: OWASP Java HTML Sanitizer
CVE-2025-66020 (Valibot helps validate data using a schema. In versions from 0.31.0 to ...)
NOT-FOR-US: Valibot
CVE-2025-66019 (pypdf is a free and open-source pure-python PDF library. Prior to vers ...)
@@ -71,11 +71,11 @@ CVE-2025-66019 (pypdf is a free and open-source pure-python PDF library. Prior t
NOTE: This is a followup to GHSA-jfx9-29x2-rv3j (CVE-2025-62708) to align the
NOTE: default limit with the one for zlib.
CVE-2025-65963 (Files is a module for managing files inside spaces and user profiles. ...)
- TODO: check
+ NOT-FOR-US: humhub/cfiles
CVE-2025-65957 (Core Bot Is an Open Source discord bot made for maple hospital servers ...)
- TODO: check
+ NOT-FOR-US: Core Bot
CVE-2025-65956 (Formwork is a flat file-based Content Management System (CMS). Prior t ...)
- TODO: check
+ NOT-FOR-US: Formwork CMS
CVE-2025-65953 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. ...)
TODO: check
CVE-2025-65952 (Console is a network used to control Gorilla Tag mods' users and other ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1b4a3e431a778a2bf818c3193c6d77154ba11de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1b4a3e431a778a2bf818c3193c6d77154ba11de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251126/f1158cbf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list