[Git][security-tracker-team/security-tracker][master] Process some more NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85166f91 by Salvatore Bonaccorso at 2025-09-25T09:35:10+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52,47 +52,47 @@ CVE-2025-57350 (The csvtojson package, a tool for converting CSV data to JSON wi
 CVE-2025-57349 (The messageformat package, an implementation of the Unicode MessageFor ...)
 	NOT-FOR-US: messageformat package for Node.js
 CVE-2025-57348 (The node-cube package (prior to version 5.0.0) contains a vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: node-cube package for Node.js
 CVE-2025-57347 (A vulnerability exists in the 'dagre-d3-es' Node.js package version 7. ...)
-	TODO: check
+	NOT-FOR-US: dagre-d3-es Node.js package
 CVE-2025-57330 (The web3-core-subscriptions is a package designed to manages web3 subs ...)
-	TODO: check
+	NOT-FOR-US: web3-core-subscriptions Node.js package
 CVE-2025-57329 (web3-core-method is a package designed to creates the methods on the w ...)
-	TODO: check
+	NOT-FOR-US: web3-core-method package for Node.js
 CVE-2025-57328 (toggle-array is a package designed to enables a property on the object ...)
-	TODO: check
+	NOT-FOR-US: toggle-array Node.js package
 CVE-2025-57327 (spmrc is a package that provides the rc manager for spm. A Prototype P ...)
 	TODO: check
 CVE-2025-57326 (A Prototype Pollution vulnerability in the byGroupAndType function of  ...)
 	TODO: check
 CVE-2025-57325 (rollbar is a package designed to effortlessly track and debug errors i ...)
-	TODO: check
+	NOT-FOR-US: rollbar package for Node.js
 CVE-2025-57323 (mpregular is a package that provides a small program development frame ...)
-	TODO: check
+	NOT-FOR-US: mpregular package for Node.js
 CVE-2025-57321 (A Prototype Pollution vulnerability in the util-deps.addFileDepend fun ...)
 	TODO: check
 CVE-2025-56819 (An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute ar ...)
-	TODO: check
+	NOT-FOR-US: Datart
 CVE-2025-56816 (Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configurat ...)
-	TODO: check
+	NOT-FOR-US: Datart
 CVE-2025-56815 (Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /vi ...)
-	TODO: check
+	NOT-FOR-US: Datart
 CVE-2025-56241 (Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and possibly other versio ...)
-	TODO: check
+	NOT-FOR-US: Aztech firmware
 CVE-2025-55322 (Binding to an unrestricted ip address in GitHub allows an unauthorized ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-55178 (Llama Stack prior to version v0.2.20 accepted unverified parameters in ...)
-	TODO: check
+	NOT-FOR-US: Llama Stack
 CVE-2025-52907 (Improper Input Validation vulnerability in TOTOLINK X6000R allows Comm ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2025-52906 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2025-48869 (Horilla is a free and open source Human Resource Management System (HR ...)
-	TODO: check
+	NOT-FOR-US: Horilla
 CVE-2025-48868 (Horilla is a free and open source Human Resource Management System (HR ...)
-	TODO: check
+	NOT-FOR-US: Horilla
 CVE-2025-48867 (Horilla is a free and open source Human Resource Management System (HR ...)
-	TODO: check
+	NOT-FOR-US: Horilla
 CVE-2025-47329 (Memory corruption while handling invalid inputs in application info se ...)
 	NOT-FOR-US: Qualcomm
 CVE-2025-47328 (Transient DOS while processing power control requests with invalid ant ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85166f91c55926353d4f7d6af363d239249fa169

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85166f91c55926353d4f7d6af363d239249fa169
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250925/792f373b/attachment.htm>