[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Oct 17 21:14:01 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57d34423 by security tracker role at 2025-10-17T20:13:50+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-8414 (Due to improper input validation, a buffer overflow vulnerability is p ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs
 CVE-2025-62511 (yt-grabber-tui is a C++ terminal user interface application for downlo ...)
 	TODO: check
 CVE-2025-62505 (LobeChat is an open source chat application platform. The web-crawler  ...)
@@ -9,13 +9,13 @@ CVE-2025-62430 (ClipBucket v5 is an open source video sharing platform. ClipBuck
 CVE-2025-62424 (ClipBucket is a web-based video-sharing platform. In ClipBucket versio ...)
 	TODO: check
 CVE-2025-62422 (DataEase is an open source data visualization and analytics platform.  ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2025-62421 (DataEase is a data visualization and analytics platform. In DataEase v ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2025-62420 (DataEase is a data visualization and analytics platform. In DataEase v ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2025-62419 (DataEase is a data visualization and analytics platform. In DataEase v ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2025-62356 (A path traversal vulnerability in all versions of the Qodo Qodo Gen ID ...)
 	TODO: check
 CVE-2025-62353 (A path traversal vulnerability in all versions of the Windsurf IDE ena ...)
@@ -51,11 +51,11 @@ CVE-2025-56221 (A lack of rate limiting in the login mechanism of SigningHub v8.
 CVE-2025-56218 (An arbitrary file upload vulnerability in SigningHub v8.6.8 allows att ...)
 	TODO: check
 CVE-2025-55085 (In NextX Duo before 6.4.4, in the HTTP client module, the network supp ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-49655 (Deserialization of untrusted data can occur in versions of the Keras f ...)
 	TODO: check
 CVE-2025-48087 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48044 (Incorrect Authorization vulnerability in ash-project ash allows Authen ...)
 	TODO: check
 CVE-2025-34282 (ThingsBoard versions < 4.2.1 contain a server-side request forgery (SS ...)
@@ -83,7 +83,7 @@ CVE-2025-11903 (A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affec
 CVE-2025-11902 (A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. Affe ...)
 	TODO: check
 CVE-2025-11895 (The Binary MLM Plan plugin for WordPress is vulnerable to insecure dir ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31573 (XMLUnit for Java before 2.10.0, in the default configuration, might al ...)
 	TODO: check
 CVE-2025-6950 (An Use of Hard-coded Credentials vulnerability has been identified in  ...)
@@ -240848,9 +240848,9 @@ CVE-2023-28817
 CVE-2023-28816
 	RESERVED
 CVE-2023-28815 (Some versions of Hikvision's iSecure Center Product contain insufficie ...)
-	TODO: check
+	NOT-FOR-US: Hikvision
 CVE-2023-28814 (Some versions of Hikvision's iSecure Center Product have an improper f ...)
-	TODO: check
+	NOT-FOR-US: Hikvision
 CVE-2023-28813 (An attacker could exploit a vulnerability by sending crafted messages  ...)
 	NOT-FOR-US: Hikvision Web Browser Plug-in LocalServiceComponents
 CVE-2023-28812 (There is a buffer overflow vulnerability in a web browser plug-in coul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57d34423782a9ec6dffc4b819ef2075ff2f6e6e6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57d34423782a9ec6dffc4b819ef2075ff2f6e6e6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251017/56fc93aa/attachment.htm>

More information about the debian-security-tracker-commits mailing list