[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Oct 15 22:18:28 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e5582da by Salvatore Bonaccorso at 2025-10-15T23:17:19+02:00
Process some NFUs

some F5 issues are covering multiple products.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,33 +7,33 @@ CVE-2025-8486 (A potential vulnerability was reported in PC Manager that could a
 CVE-2025-6026 (An improper certificate validation vulnerability was reported in the L ...)
 	NOT-FOR-US: Lenovo
 CVE-2025-62410 (In versions before 20.0.2, it was found that --disallow-code-generatio ...)
-	TODO: check
+	NOT-FOR-US: happy-dom
 CVE-2025-62382 (Frigate is a network video recorder (NVR) with realtime local object d ...)
-	TODO: check
+	NOT-FOR-US: Frigate
 CVE-2025-62381 (sveltekit-superforms makes SvelteKit forms a pleasure to use. svelteki ...)
-	TODO: check
+	NOT-FOR-US: sveltekit-superforms
 CVE-2025-62380 (mailgen is a Node.js package that generates responsive HTML e-mails fo ...)
-	TODO: check
+	NOT-FOR-US: Node mailgen
 CVE-2025-62379 (Reflex is a library to build full-stack web apps in pure Python. In ve ...)
 	TODO: check
 CVE-2025-62378 (CommandKit is the discord.js meta-framework for building Discord bots. ...)
-	TODO: check
+	NOT-FOR-US: CommandKit
 CVE-2025-62375 (go-witness and witness are Go modules for generating attestations. In  ...)
 	TODO: check
 CVE-2025-62371 (OpenSearch Data Prepper as an open source data collector for observabi ...)
-	TODO: check
+	NOT-FOR-US: OpenSearch Data Prepper
 CVE-2025-62370 (Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior ...)
 	TODO: check
 CVE-2025-61990 (When using a multi-bladed platform with more than one blade, undisclos ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-61974 (When a client SSL profile is configured on a virtual server, undisclos ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-61960 (When a per-request policy is configured on a BIG-IP APM portal access  ...)
 	NOT-FOR-US: F5
 CVE-2025-61958 (A vulnerability exists in the iHealth command that may allow an authen ...)
 	NOT-FOR-US: F5
 CVE-2025-61955 (A vulnerability exists in F5OS-A and F5OS-C systems that may allow an  ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-61951 (Undisclosed traffic can cause the Traffic Management Microkernel (TMM) ...)
 	NOT-FOR-US: F5
 CVE-2025-61938 (When a BIG-IP Advanced WAF or ASM security policy is configured with a ...)
@@ -43,13 +43,13 @@ CVE-2025-61935 (When a BIG IP Advanced WAF or ASM security policy is configured
 CVE-2025-61933 (A reflected cross-site scripting (XSS) vulnerability exists in an undi ...)
 	NOT-FOR-US: F5
 CVE-2025-60016 (When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brain ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-60015 (An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that  ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-60013 (When a user attempts to initialize the rSeries FIPS module using a pas ...)
 	NOT-FOR-US: F5
 CVE-2025-59781 (When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual se ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-59778 (When the Allowed IP Addresses feature is configured on the F5OS-C part ...)
 	NOT-FOR-US: F5
 CVE-2025-59483 (A validation vulnerability exists in an undisclosed URL in the Configu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e5582dafc09e794268ed9dd8af278f1b301c42a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e5582dafc09e794268ed9dd8af278f1b301c42a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251015/c041caa6/attachment.htm>
