[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Sep 17 09:44:25 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6454197b by Moritz Muehlenhoff at 2025-09-17T10:44:10+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -209,7 +209,7 @@ CVE-2025-41248 (The Spring Security annotation detection mechanism may not corre
 	- libspring-security-2.0-java <removed>
 	NOTE: https://spring.io/security/cve-2025-41248
 CVE-2025-41243 (Spring Cloud Gateway Server Webflux may be vulnerable to Spring Enviro ...)
-	TODO: check
+	NOT-FOR-US: Spring Cloud Gateway
 CVE-2025-39836 (In the Linux kernel, the following vulnerability has been resolved:  e ...)
 	- linux 6.16.5-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -378,11 +378,11 @@ CVE-2025-10316 (The extension "Form to Database" is susceptible to Cross-Site Sc
 CVE-2025-10290 (Opening links via the contextual menu in Focus iOS for certain URL sch ...)
 	TODO: check
 CVE-2025-10016 (The Sparkle framework includes a helper tool Autoupdate. Due to lack o ...)
-	TODO: check
+	NOT-FOR-US: Sparkle framework
 CVE-2025-10015 (The Sparkle frameworkincludes an XPC service Downloader.xpc, by defaul ...)
-	TODO: check
+	NOT-FOR-US: Sparkle framework
 CVE-2024-13174 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: E1 Informatics web application
 CVE-2024-13149 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: Arma Store Armalife
 CVE-2024-12913 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -582,7 +582,7 @@ CVE-2019-25164
 CVE-2019-25163
 	REJECTED
 CVE-2009-20007 (Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: Talkative IRC
 CVE-2009-20006 (osCommerce versions up to and including 2.2 RC2a contain a vulnerabili ...)
 	NOT-FOR-US: osCommerce
 CVE-2009-20005 (A stack-based buffer overflow exists in the UtilConfigHome.csp endpoin ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6454197bd8a8f7ea92506c8fb9c78e3b52e277f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6454197bd8a8f7ea92506c8fb9c78e3b52e277f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250917/1b788852/attachment.htm>

More information about the debian-security-tracker-commits mailing list