[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 10 05:21:28 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
878ed7f7 by Salvatore Bonaccorso at 2025-08-10T06:20:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,15 +55,15 @@ CVE-2025-55188 (7-Zip before 25.01 does not always properly handle symbolic link
 CVE-2025-55152 (oak is a middleware framework for Deno's native HTTP server, Deno Depl ...)
 	TODO: check
 CVE-2025-55149 (Tiny-Scientist is a lightweight framework for automating the entire li ...)
-	TODO: check
+	NOT-FOR-US: Tiny-Scientist
 CVE-2025-55013 (The Assemblyline 4 Service Client interfaces with the API to fetch tas ...)
-	TODO: check
+	NOT-FOR-US: Assemblyline 4 Service Client
 CVE-2025-55009 (The AuthKit library for Remix provides convenient helpers for authenti ...)
-	TODO: check
+	NOT-FOR-US: AuthKit library for Remix
 CVE-2025-55008 (The AuthKit library for React Router 7+ provides helpers for authentic ...)
-	TODO: check
+	NOT-FOR-US: AuthKit library for React Router
 CVE-2025-55006 (Frappe Learning is a learning system that helps users structure their  ...)
-	TODO: check
+	NOT-FOR-US: Frappe Learning (frappe/lms)
 CVE-2025-55003 (OpenBao exists to provide a software solution to manage, store, and di ...)
 	TODO: check
 CVE-2025-55001 (OpenBao exists to provide a software solution to manage, store, and di ...)
@@ -79,9 +79,9 @@ CVE-2025-54997 (OpenBao exists to provide a software solution to manage, store,
 CVE-2025-54996 (OpenBao exists to provide a software solution to manage, store, and di ...)
 	TODO: check
 CVE-2025-54888 (Fedify is a TypeScript library for building federated server apps powe ...)
-	TODO: check
+	NOT-FOR-US: Fedify
 CVE-2025-54417 (Craft is a platform for creating digital experiences. Versions 4.13.8  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2025-4655 (SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 thr ...)
 	NOT-FOR-US: Liferay
 CVE-2025-4581 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878ed7f750e2d684845c1515efbbdd7cf3f07439

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878ed7f750e2d684845c1515efbbdd7cf3f07439
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250810/b86a33cd/attachment.htm>

More information about the debian-security-tracker-commits mailing list