[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 26 21:12:13 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a87e7eba by Salvatore Bonaccorso at 2025-11-26T22:11:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,45 +7,45 @@ CVE-2025-7449 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
 CVE-2025-6195 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	TODO: check
 CVE-2025-66028 (OneUptime is a solution for monitoring and managing online services. P ...)
-	TODO: check
+	NOT-FOR-US: OneUptime
 CVE-2025-65966 (OneUptime is a solution for monitoring and managing online services. I ...)
-	TODO: check
+	NOT-FOR-US: OneUptime
 CVE-2025-65681 (An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tu ...)
-	TODO: check
+	NOT-FOR-US: Overhang.IO (tutor-open-edx) (overhangio/tutor)
 CVE-2025-65676 (Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1 ...)
-	TODO: check
+	NOT-FOR-US: Classroomio LMS
 CVE-2025-65675 (Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1 ...)
-	TODO: check
+	NOT-FOR-US: Classroomio LMS
 CVE-2025-65672 (Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allows u ...)
-	TODO: check
+	NOT-FOR-US: Classroomio LMS
 CVE-2025-65670 (An Insecure Direct Object Reference (IDOR) in classroomio 0.1.13 allow ...)
-	TODO: check
+	NOT-FOR-US: Classroomio LMS
 CVE-2025-65669 (An issue was discovered in classroomio 0.1.13. Student accounts are ab ...)
-	TODO: check
+	NOT-FOR-US: Classroomio LMS
 CVE-2025-65278 (An issue was discovered in file users.json in GroceryMart commit 21934 ...)
-	TODO: check
+	NOT-FOR-US: GroceryMart
 CVE-2025-65276 (An unauthenticated administrative access vulnerability exists in the o ...)
 	TODO: check
 CVE-2025-65239 (Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCod ...)
-	TODO: check
+	NOT-FOR-US: OpenCode Systems USSD Gateway OC
 CVE-2025-65238 (Incorrect access control in the getSubUsersByProvider function of Open ...)
-	TODO: check
+	NOT-FOR-US: OpenCode Systems USSD Gateway OC
 CVE-2025-65237 (A reflected cross-site scripted (XSS) vulnerability in OpenCode System ...)
-	TODO: check
+	NOT-FOR-US: OpenCode Systems USSD Gateway OC
 CVE-2025-65236 (OpenCode Systems USSD Gateway OC Release: 5 was discovered to contain  ...)
-	TODO: check
+	NOT-FOR-US: OpenCode Systems USSD Gateway OC
 CVE-2025-65235 (OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discov ...)
-	TODO: check
+	NOT-FOR-US: OpenCode Systems USSD Gateway OC
 CVE-2025-64130 (Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting  vul ...)
-	TODO: check
+	NOT-FOR-US: Zenitel TCIV-3+
 CVE-2025-64129 (Zenitel TCIV-3+ is vulnerable to an out-of-bounds write  vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Zenitel TCIV-3+
 CVE-2025-64128 (An OS command injection vulnerability exists due to incomplete  valida ...)
-	TODO: check
+	NOT-FOR-US: Zenitel
 CVE-2025-64127 (An OS command injection vulnerability exists due to insufficient  sani ...)
-	TODO: check
+	NOT-FOR-US: Zenitel
 CVE-2025-64126 (An OS command injection vulnerability exists due to improper input  va ...)
-	TODO: check
+	NOT-FOR-US: Zenitel
 CVE-2025-63938 (Tinyproxy through 1.11.2 contains an integer overflow vulnerability in ...)
 	TODO: check
 CVE-2025-62728 (SQL injection vulnerability in Hive Metastore Server (HMS) when proces ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a87e7ebabedab872dbf00fef0e6b0b467fa9dc92

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a87e7ebabedab872dbf00fef0e6b0b467fa9dc92
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251126/0f1af176/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list