[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 29 21:24:41 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
88a421b5 by Salvatore Bonaccorso at 2025-09-29T22:24:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2025-9648 (A vulnerability in the CivetWeb library's function mg_handle_form
 CVE-2025-8868 (In Progress Chef Automate, versions earlier than 4.13.295, on Linux x8 ...)
 	NOT-FOR-US: Progress Software
 CVE-2025-7104 (A mass assignment vulnerability exists in danny-avila/librechat, affec ...)
-	TODO: check
+	NOT-FOR-US: danny-avila/librechat
 CVE-2025-6724 (In Progress Chef Automate, versions earlier than 4.13.295, on Linux x8 ...)
 	NOT-FOR-US: Progress Software
 CVE-2025-61659 (bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index ...)
-	TODO: check
+	NOT-FOR-US: bash-git-prompt
 CVE-2025-57879 (There is an unvalidated redirect vulnerability in Esri Portal for ArcG ...)
 	TODO: check
 CVE-2025-57878 (There is an unvalidated redirect vulnerability in Esri Portal for ArcG ...)
@@ -33,13 +33,13 @@ CVE-2025-57516 (OS Command injection vulnerability in PublicCMS PublicCMS-V5.202
 CVE-2025-57483 (A reflected cross-site scripting (XSS) vulnerability in tawk.to chatbo ...)
 	TODO: check
 CVE-2025-57428 (Default credentials in Italy Wireless Mini Router WIRELESS-N 300M v28K ...)
-	TODO: check
+	NOT-FOR-US: Italy Wireless Mini Router WIRELESS-N 300M
 CVE-2025-57424 (A stored cross-site scripting (XSS) vulnerability exists in the MyCour ...)
-	TODO: check
+	NOT-FOR-US: MyCourts v3 application
 CVE-2025-57197 (In the Payeer Android application 2.5.0, an improper access control vu ...)
-	TODO: check
+	NOT-FOR-US: Payeer Android application
 CVE-2025-56807 (A cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate ...)
-	TODO: check
+	NOT-FOR-US: FairSketch RISE Ultimate Project Manager & CRM
 CVE-2025-56795 (Mealie 3.0.1 and earlier is vulnerable to Cross-Site Scripting (XSS) i ...)
 	TODO: check
 CVE-2025-56764 (Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reve ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88a421b56a5c902ae81e4e7affd34aa02de4d8c0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88a421b56a5c902ae81e4e7affd34aa02de4d8c0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250929/45704b2f/attachment.htm>

More information about the debian-security-tracker-commits mailing list