[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Wed Oct 29 08:14:00 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7f764847 by security tracker role at 2025-10-29T08:13:47+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-9544 (The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX act ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-64296 (Missing Authorization vulnerability in Facebook Facebook for WooCommer ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-64162
 	REJECTED
 CVE-2025-64161
@@ -33,23 +33,23 @@ CVE-2025-62776 (The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an iss
 CVE-2025-62368 (Taiga is an open source project management platform. In versions 6.8.3 ...)
 	TODO: check
 CVE-2025-61598 (Discourse is an open source discussion platform. Version before 3.6.2  ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2025-57931 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-4665 (WordPress plugin Contact Form CFDB7 versions up to and including 1.3.2 ...)
 	TODO: check
 CVE-2025-49042 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-43017 (HP ThinPro 8.1 System management application failed to verify user's t ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2025-11705 (The Anti-Malware Security and Brute-Force Firewall plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11375 (Consul and Consul Enterprise\u2019s (\u201cConsul\u201d) event endpoin ...)
 	TODO: check
 CVE-2025-11374 (Consul and Consul Enterprise\u2019s (\u201cConsul\u201d) key/value end ...)
 	TODO: check
 CVE-2023-7320 (The WooCommerce plugin for WordPress is vulnerable to Sensitive Inform ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-62727 (Starlette is a lightweight ASGI framework/toolkit. Prior to 0.49.1 , a ...)
 	- starlette <unfixed>
 	NOTE: https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7648476b0b008ed53822de2cac023197fdd27b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7648476b0b008ed53822de2cac023197fdd27b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251029/2fe577fe/attachment.htm>
