[Git][security-tracker-team/security-tracker][master] Process two more NFUs from Apache CNA rule

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 5 20:52:08 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0836e966 by Salvatore Bonaccorso at 2026-01-05T21:51:39+01:00
Process two more NFUs from Apache CNA rule

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,7 +43,7 @@ CVE-2025-68850 (Missing Authorization vulnerability in Codepeople Sell Downloads
 CVE-2025-68547 (Missing Authorization vulnerability in WPweb Follow My Blog Post allow ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68280 (Improper Restriction of XML External Entity Reference vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-68044 (Authorization Bypass Through User-Controlled Key vulnerability in Rust ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68033 (Insertion of Sensitive Information Into Sent Data vulnerability in Bre ...)
@@ -65,7 +65,7 @@ CVE-2025-67315 (Cross Site Request Forgery vulnerability in Employee Leave Manag
 CVE-2025-67303 (An issue in ComfyUI-Manager prior to version 3.38 allowed remote attac ...)
 	NOT-FOR-US: ComfyUI-Manager
 CVE-2025-66518 (Any client who can access to Apache Kyuubi Server via Kyuubi frontend  ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-66376 (Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 a ...)
 	NOT-FOR-US: Zimbra
 CVE-2025-65922 (PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, al ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0836e966950f90215a1f6741d10f37ba0f649c19

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0836e966950f90215a1f6741d10f37ba0f649c19
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260105/dcc24883/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list