[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Nov 28 08:17:40 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6ef5449e by Moritz Muehlenhoff at 2025-11-28T09:17:17+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-66386 (app/Model/EventReport.php in MISP before 2.5.27 allows path traversal  ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2025-66385 (UsersController::edit in Cerebrate before 1.30 allows an authenticated ...)
-	TODO: check
+	NOT-FOR-US: Cerebrate
 CVE-2025-66384 (app/Controller/EventsController.php in MISP before 2.5.24 has invalid  ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2025-66382 (In libexpat through 2.7.3, a crafted file with an approximate size of  ...)
 	TODO: check
 CVE-2025-66372 (Mustang before 2.16.3 allows exfiltrating files via XXE attacks.)
-	TODO: check
+	NOT-FOR-US: Mustang
 CVE-2025-66371 (Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configu ...)
-	TODO: check
+	NOT-FOR-US: peppol-py
 CVE-2025-66370 (Kivitendo before 3.9.2 allows XXE injection. By uploading an electroni ...)
-	TODO: check
+	NOT-FOR-US: Kivitendo
 CVE-2025-66361 (An issue was discovered in Logpoint before 7.7.0. Sensitive informatio ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2025-66360 (An issue was discovered in Logpoint before 7.7.0. An improperly config ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2025-66359 (An issue was discovered in Logpoint before 7.7.0. Insufficient input v ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2025-64315 (Configuration defect vulnerability in the file management module. Impa ...)
 	NOT-FOR-US: Huawei
 CVE-2025-64314 (Permission control vulnerability in the memory management module. Impa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ef5449ec790cc2a664a8605e4eff6b41a326135

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ef5449ec790cc2a664a8605e4eff6b41a326135
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251128/21e0fd1b/attachment.htm>

More information about the debian-security-tracker-commits mailing list