[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Fri Sep 5 09:13:43 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f97a3c3 by security tracker role at 2025-09-05T08:13:35+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-9990 (The WordPress Helpdesk Integration plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8944 (The OceanWP WordPress theme before 4.1.2 is vulnerable to an option up ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8684 (The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7445 (Kubernetes secrets-store-sync-controller in versions before 0.0.2 disc ...)
 	TODO: check
 CVE-2025-58401 (Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github AP ...)
@@ -17,15 +17,15 @@ CVE-2025-58359 (ZF FROST is a Rust implementation of FROST (Flexible Round-Optim
 CVE-2025-58352 (Weblate is a web based localization tool. Versions lower than 5.13.1 c ...)
 	TODO: check
 CVE-2025-58313 (Race condition vulnerability in the device standby module. Impact: Suc ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-58296 (Race condition vulnerability in the audio module. Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-58281 (Out-of-bounds read vulnerability in the runtime interpreter module. Im ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-58280 (Vulnerability of exposing object heap addresses in the Ark eTS module. ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-58276 (Permission verification vulnerability in the home screen module Impact ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-58179 (Astro is a web framework for content-driven websites. Versions 11.0.3  ...)
 	TODO: check
 CVE-2025-55739 (api is a module for FreePBX@, which is an open source GUI that control ...)
@@ -45,7 +45,7 @@ CVE-2025-55238 (Dynamics 365 FastTrack Implementation Assets Information Disclos
 CVE-2025-55209 (contactmanager is a module for FreePBX@, which is an open source GUI t ...)
 	TODO: check
 CVE-2025-55190 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
-	TODO: check
+	NOT-FOR-US: Argo CD
 CVE-2025-55037 (Improper neutralization of special elements used in an OS command ('OS ...)
 	TODO: check
 CVE-2025-54914 (Azure Networking Elevation of Privilege Vulnerability)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f97a3c372e5f9af7817960c90acd5ecd7c816b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f97a3c372e5f9af7817960c90acd5ecd7c816b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250905/adb04653/attachment-0001.htm>
