[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 24 21:25:45 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4140c663 by Salvatore Bonaccorso at 2025-09-24T22:25:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,21 +3,21 @@ CVE-2025-9353 (The Themify Builder plugin for WordPress is vulnerable to Stored
 CVE-2025-9054 (The MultiLoca - WooCommerce Multi Locations Inventory Management plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-9031 (Observable Timing Discrepancy vulnerability in DivvyDrive Information  ...)
-	TODO: check
+	NOT-FOR-US: DivvyDrive Web
 CVE-2025-8869 (When extracting a tar archive pip may not check symbolic links point i ...)
 	TODO: check
 CVE-2025-59828 (Claude Code is an agentic coding tool. Prior to Claude Code version 1. ...)
-	TODO: check
+	NOT-FOR-US: Claude Code
 CVE-2025-59824 (Omni manages Kubernetes on bare metal, virtual machines, or in a cloud ...)
 	TODO: check
 CVE-2025-59525 (Horilla is a free and open source Human Resource Management System (HR ...)
-	TODO: check
+	NOT-FOR-US: Horilla
 CVE-2025-59524 (Horilla is a free and open source Human Resource Management System (HR ...)
-	TODO: check
+	NOT-FOR-US: Horilla
 CVE-2025-59343 (tar-fs provides filesystem bindings for tar-stream. Versions prior to  ...)
 	TODO: check
 CVE-2025-59305 (Improper authorization in the background migration endpoints of Langfu ...)
-	TODO: check
+	NOT-FOR-US: Langfuse
 CVE-2025-59251 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2025-58457 (Improper permission check in ZooKeeper AdminServer lets authorized cli ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4140c66306951ca40cb84679ef6760f3b87b5841

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4140c66306951ca40cb84679ef6760f3b87b5841
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250924/76cfe29e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list