[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Mon, 07 Jul 2025 13:54:27 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
12ef50c1 by Salvatore Bonaccorso at 2025-07-07T22:52:56+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -104,15 +104,15 @@ CVE-2025-6663 (GStreamer H266 Codec Parsing Stack-based 
Buffer Overflow Remote C
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/eedd01ac3dfeb60e36a44bb61a6d0418454e8416
 (main)
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/596cf19c0c4c92b31c4ef315a0278586b0772b93
 (1.26.3)
 CVE-2025-6386 (The parisneo/lollms repository is affected by a timing attack 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: parisneo/lollms
 CVE-2025-6210 (A vulnerability in the ObsidianReader class of the 
run-llama/llama_ind ...)
-       TODO: check
+       NOT-FOR-US: llama/llama_index
 CVE-2025-6209 (A path traversal vulnerability exists in run-llama/llama_index 
version ...)
-       TODO: check
+       NOT-FOR-US: llama/llama_index
 CVE-2025-6044 (An Improper Access Control vulnerability in the Stylus Tools 
component ...)
        TODO: check
 CVE-2025-5472 (The JSONReader in run-llama/llama_index versions 0.12.28 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: llama/llama_index
 CVE-2025-53543 (Kestra is an event-driven orchestration platform. The error 
message in ...)
        TODO: check
 CVE-2025-53540 (arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, 
ESP32-S3, ES ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12ef50c1a95144486ac526a3e28e3c740e8136f5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12ef50c1a95144486ac526a3e28e3c740e8136f5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to