[Git][security-tracker-team/security-tracker][master] Reassociate some NFUs with itp'ed entry for mattermost-desktop

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d47f201 by Salvatore Bonaccorso at 2025-10-16T23:34:13+02:00
Reassociate some NFUs with itp'ed entry for mattermost-desktop

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1667,7 +1667,7 @@ CVE-2025-62170 (rAthena is an open-source cross-platform MMORPG server. A use-af
 CVE-2025-61775 (Vickey is a Misskey-based microblogging platform. A vulnerability exis ...)
 	NOT-FOR-US: Vickey
 CVE-2025-58084 (Mattermost Desktop App versions <= 5.13.0 fail to validate URLs extern ...)
-	NOT-FOR-US: Mattermost Desktop App
+	- mattermost-desktop <itp> (bug #831861)
 CVE-2025-43991 (SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist  ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-37729 (Improper neutralization of special elements used in a template engine  ...)
@@ -71526,7 +71526,7 @@ CVE-2025-22472 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 1
 CVE-2025-1774 (Incorrect string encodingvulnerability in NASK - PIB BotSense allows i ...)
 	NOT-FOR-US: NASK - PIB BotSense
 CVE-2025-1398 (Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessa ...)
-	NOT-FOR-US: Mattermost Desktop App
+	- mattermost-desktop <itp> (bug #831861)
 CVE-2025-0833 (A stored Cross-site Scripting (XSS) vulnerability affecting Route Mana ...)
 	NOT-FOR-US: 3DS
 CVE-2025-0832 (A stored Cross-site Scripting (XSS) vulnerability affecting Project Ga ...)
@@ -208053,7 +208053,7 @@ CVE-2023-5916 (A vulnerability classified as critical has been found in Lissy93
 CVE-2023-5876 (Mattermost fails to properly validate a RegExp built off the server UR ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2023-5875 (Mattermost Desktop fails to correctlyhandle permissions or prompt the  ...)
-	NOT-FOR-US: Mattermost Desktop
+	- mattermost-desktop <itp> (bug #831861)
 CVE-2023-5860 (The Icons Font Loader plugin for WordPress is vulnerable to arbitrary  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-5846 (Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulne ...)
@@ -211050,7 +211050,7 @@ CVE-2023-35083 (Allows an authenticated attacker with network access to read arb
 CVE-2023-5522 (Mattermost Mobile fails to limitthe maximum number of Markdown element ...)
 	NOT-FOR-US: Mattermost Mobile
 CVE-2023-5339 (Mattermost Desktopfails to set an appropriate log level during initial ...)
-	NOT-FOR-US: Mattermost Desktop
+	- mattermost-desktop <itp> (bug #831861)
 CVE-2023-4896 (A vulnerability exists which allows an authenticated attacker to acces ...)
 	NOT-FOR-US: Aruba Networks
 CVE-2023-45952 (An arbitrary file upload vulnerability in the component ajax_link.php  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d47f201e9ab4f19d6ce929b5a60f492f8f60c8b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d47f201e9ab4f19d6ce929b5a60f492f8f60c8b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251016/6db49f4f/attachment.htm>