[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Sep 16 13:07:16 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dec5eae0 by Moritz Muehlenhoff at 2025-09-16T14:06:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -222,7 +222,7 @@ CVE-2025-10479 (A security flaw has been discovered in SourceCodester Online Stu
 CVE-2025-10477 (A vulnerability was identified in kidaze CourseSelectionSystem up to 4 ...)
 	NOT-FOR-US: kidaze CourseSelectionSystem
 CVE-2024-12367 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
-	TODO: check
+	NOT-FOR-US: Vega Master
 CVE-2025-24293
 	- rails 2:7.2.2.2+dfsg-1
 	NOTE: https://github.com/rails/rails/security/advisories/GHSA-r4mg-4433-c7g3
@@ -245,7 +245,7 @@ CVE-2025-9072 (Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x
 CVE-2025-8396 (Insufficiently specific bounds checking on authorization header could  ...)
 	NOT-FOR-US: Temporal
 CVE-2025-6202 (Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigg ...)
-	TODO: check
+	NOT-FOR-US: Hynix
 CVE-2025-59399 (libocpp before 0.28.0 allows a denial of service (EVerest crash) becau ...)
 	NOT-FOR-US: libocpp
 CVE-2025-59398 (The OCPP implementation in libocpp before 0.26.2 allows a denial of se ...)
@@ -169164,7 +169164,6 @@ CVE-2024-28180 (Package jose aims to provide an implementation of the Javascript
 	NOTE: https://github.com/go-jose/go-jose/commit/0dd4dd541c665fb292d664f77604ba694726f298 (v2.6.3)
 	NOTE: https://github.com/go-jose/go-jose/commit/add6a284ea0f844fd6628cba637be5451fe4b28a (v3.0.3)
 	NOTE: https://github.com/go-jose/go-jose/commit/f4c051a0653d78199a053892f7619ebf96339502 (v4.0.1)
-	TODO: check completeness
 CVE-2024-28176 (jose is JavaScript module for JSON Object Signing and Encryption, prov ...)
 	NOT-FOR-US: JavaScript module for JSON Object Signing and Encryption (panva/jose)
 CVE-2024-28123 (Wasmi is an efficient and lightweight WebAssembly interpreter with a f ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dec5eae060e29111ace013f2981ff3a650a3fb9a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dec5eae060e29111ace013f2981ff3a650a3fb9a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250916/3b36aeef/attachment.htm>

More information about the debian-security-tracker-commits mailing list