[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-9905/keras as not-affected for bullseye

Utkarsh Gupta (@utkarsh) utkarsh at debian.org
Wed Sep 24 16:34:43 BST 2025 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
22b58c78 by Utkarsh Gupta at 2025-09-24T21:03:03+05:30
Mark CVE-2025-9905/keras as not-affected for bullseye

- - - - -
04bc07e7 by Utkarsh Gupta at 2025-09-24T21:04:25+05:30
Mark CVE-2025-9906/keras as postponed for bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1384,9 +1384,11 @@ CVE-2025-9969 (Improper Neutralization of Input During Web Page Generation (XSS
 	NOT-FOR-US: Vizly Web Design Real Estate
 CVE-2025-9906 (The Keras Model.load_modelmethod can be exploited to achieve arbitrary ...)
 	- keras <removed>
+	[bullseye] - keras <postponed> (Low attack complexity & vector; can be batch with a future DLA)
 	NOTE: https://github.com/keras-team/keras/pull/21429
 CVE-2025-9905 (The Keras Model.load_modelmethod can be exploited to achieve arbitrary ...)
 	- keras <removed>
+	[bullseye] - keras <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/keras-team/keras/pull/21602
 	NOTE: https://github.com/keras-team/keras/security/advisories/GHSA-36rr-ww3j-vrjv
 CVE-2025-9081 (Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to proper ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/543df1e880be29a4a0d757ba5f1c3039e44e8b64...04bc07e7022388c8a7d1fb2223c53faf33e0fa64

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/543df1e880be29a4a0d757ba5f1c3039e44e8b64...04bc07e7022388c8a7d1fb2223c53faf33e0fa64
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250924/8ef53e1d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list