[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6dec40e by Moritz Muehlenhoff at 2025-10-06T09:10:33+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-8917 (A vulnerability in allegroai/clearml version v2.0.1 allows for path tr ...)
-	TODO: check
+	NOT-FOR-US: allegroai/clearml
 CVE-2025-8406 (ZenML version 0.83.1 is affected by a path traversal vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: ZenML
 CVE-2025-11302 (A security vulnerability has been detected in Belkin F9K1015 1.00.10.  ...)
 	NOT-FOR-US: Belkin
 CVE-2025-11301 (A weakness has been identified in Belkin F9K1015 1.00.10. This affects ...)
@@ -25,11 +25,11 @@ CVE-2025-11293 (A security vulnerability has been detected in Belkin F9K1015 1.0
 CVE-2025-11292 (A weakness has been identified in Belkin F9K1015 1.00.10. Affected is  ...)
 	NOT-FOR-US: Belkin
 CVE-2025-11291 (A security flaw has been discovered in ixmaps website2017 up to 0c71cf ...)
-	TODO: check
+	NOT-FOR-US: ixmaps website2017
 CVE-2025-11290 (A vulnerability was identified in CRMEB up to 5.6.1. This affects an u ...)
-	TODO: check
+	NOT-FOR-US: CRMEB
 CVE-2025-11289 (A vulnerability was determined in westboy CicadasCMS up to 2431154dac8 ...)
-	TODO: check
+	NOT-FOR-US: CicadasCMS
 CVE-2025-61882 (Vulnerability in the Oracle Concurrent Processing product of Oracle E- ...)
 	NOT-FOR-US: Oracle
 CVE-2025-11288 (A security flaw has been discovered in CRMEB up to 5.6. This issue aff ...)
@@ -1325,7 +1325,7 @@ CVE-2025-56019 (An insecure permission vulnerability exists in the Agasta Easyto
 CVE-2025-54468 (A vulnerability has been identified within Rancher Manager whereby `Im ...)
 	NOT-FOR-US: Rancher
 CVE-2025-54315 (The Matrix specification before 1.16 (i.e., with a room version before ...)
-	TODO: check
+	NOT-FOR-US: Matrix specification
 CVE-2025-54293 (Path Traversal in the log file retrieval function in Canonical LXD 5.0 ...)
 	- incus <unfixed>
 	- lxd <removed>
@@ -1363,7 +1363,7 @@ CVE-2025-54086 (CVE-2025-54086 is an excess permissions vulnerability in the War
 CVE-2025-53881 (A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate co ...)
 	TODO: check
 CVE-2025-49090 (The Matrix specification before 1.16 (i.e., with a room version before ...)
-	TODO: check
+	NOT-FOR-US: Matrix specification
 CVE-2025-41064 (Incorrect authentication vulnerability in OpenSIAC, which could allow  ...)
 	NOT-FOR-US: OpenSIAC
 CVE-2025-41010 (Incorrect Cross-Origin Resource Sharing (CORS) configuration in Hiberu ...)
@@ -1528,7 +1528,7 @@ CVE-2025-61715
 CVE-2025-61714
 	REJECTED
 CVE-2025-61622 (Deserialization of untrusted data inpython in pyforyversions 0.12.0 th ...)
-	TODO: check
+	NOT-FOR-US: pyforyversions
 CVE-2025-61596
 	REJECTED
 CVE-2025-61189 (Jeecgboot versions 3.8.2 and earlier are affected by a path traversal  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6dec40e1073aa08d1f8ed38339bbfaf75bd0c52

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6dec40e1073aa08d1f8ed38339bbfaf75bd0c52
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251006/7e751121/attachment.htm>