[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
acef10d3 by Moritz Muehlenhoff at 2025-07-15T10:44:03+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,6 @@
 CVE-2025-7672 (The improper default setting in JiranSoft CrossEditor4 on Windows, Lin ...)
 	TODO: check
-CVE-2025-7367 (The Strong Testimonials plugin for WordPress is vulnerable to Stored C ...)
+	NOT-FOR-US: JiranSoft CrossEditor4
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7360 (The HT Contact Form Widget For Elementor Page Builder & Gutenberg Bloc ...)
 	NOT-FOR-US: WordPress plugin
@@ -15,9 +15,9 @@ CVE-2025-5394 (The Alone \u2013 Charity Multipurpose Non-profit WordPress Theme
 CVE-2025-5393 (The Alone \u2013 Charity Multipurpose Non-profit WordPress Theme theme ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-53891 (The timelineofficial/Time-Line- repository contains the source code fo ...)
-	TODO: check
+	NOT-FOR-US: Time-Line
 CVE-2025-53890 (pyload is an open-source Download Manager written in pure Python. An u ...)
-	TODO: check
+	- pyload <itp> (bug #1001980)
 CVE-2025-53889 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2025-53887 (Directus is a real-time API and App dashboard for managing SQL databas ...)
@@ -27,17 +27,17 @@ CVE-2025-53886 (Directus is a real-time API and App dashboard for managing SQL d
 CVE-2025-53885 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2025-53839 (DRACOON is a file sharing service, and the DRACOON Branding Service al ...)
-	TODO: check
+	NOT-FOR-US: DRACOON
 CVE-2025-53836 (XWiki Rendering is a generic rendering system that converts textual in ...)
 	NOT-FOR-US: XWiki
 CVE-2025-53835 (XWiki Rendering is a generic rendering system that converts textual in ...)
 	NOT-FOR-US: XWiki
 CVE-2025-53834 (Caido is a web security auditing toolkit. A reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: Caido
 CVE-2025-53833 (LaRecipe is an application that allows users to create documentation w ...)
-	TODO: check
+	NOT-FOR-US: LaRecipe
 CVE-2025-53825 (Dokploy is a free, self-hostable Platform as a Service (PaaS). Prior t ...)
-	TODO: check
+	NOT-FOR-US: Dokploy
 CVE-2025-53824 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-53823 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
@@ -51,11 +51,11 @@ CVE-2025-53820 (WeGIA is an open source web manager with a focus on the Portugue
 CVE-2025-53819 (Nix is a package manager for Linux and other Unix systems. Builds with ...)
 	TODO: check
 CVE-2025-53818 (GitHub Kanban MCP Server is a Model Context Protocol (MCP) server for  ...)
-	TODO: check
+	NOT-FOR-US: GitHub Kanban MCP Server
 CVE-2025-53640 (Indico is an event management system that uses Flask-Multipass, a mult ...)
-	TODO: check
+	NOT-FOR-US: Indico
 CVE-2025-3621 (Vulnerabilities* in ActADUR local server product, developed and mainta ...)
-	TODO: check
+	NOT-FOR-US: ActADUR
 CVE-2025-53643 (AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ...)
 	- python-aiohttp <unfixed>
 	NOTE: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acef10d3625438fcbd2e198338ac9dd2002c1bd0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acef10d3625438fcbd2e198338ac9dd2002c1bd0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250715/f3eff53a/attachment-0001.htm>