Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d767d171 by security tracker role at 2025-08-22T08:12:55+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2025-8678 (The WP Crontrol plugin for WordPress is vulnerable to
Server-Side Requ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8281 (The WP Talroo WordPress plugin through 2.4 does not sanitise
and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-57699 (Western Digital Kitfox for Windows provided by Western Digital
Corpora ...)
TODO: check
CVE-2025-51606 (hippo4j 1.0.0 to 1.5.0, uses a hard-coded secret key in its
JWT (JSON ...)
TODO: check
CVE-2025-43753 (A reflected cross-site scripting (XSS) vulnerability in the
Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43752 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP
2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43747 (A server-side request forgery (SSRF) vulnerability exists in
the Lifer ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-41452 (Post-authenticated external control of system web interface
configurat ...)
TODO: check
CVE-2025-41451 (Improper neutralization of alarm-to-mail configuration fields
used in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d767d17193aba60679b8229990ce543d438f5931
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d767d17193aba60679b8229990ce543d438f5931
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
