[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat, 29 Nov 2025 01:07:12 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f976624e by Salvatore Bonaccorso at 2025-11-29T10:06:34+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,43 +9,43 @@ CVE-2025-66225 (OrangeHRM is a comprehensive human resource 
management (HRM) sys
 CVE-2025-66224 (OrangeHRM is a comprehensive human resource management (HRM) 
system. F ...)
        - orangehrm <itp> (bug #786622)
 CVE-2025-66223 (OpenObserve is a cloud-native observability platform. Prior to 
version ...)
-       TODO: check
+       NOT-FOR-US: OpenObserve
 CVE-2025-66221 (Werkzeug is a comprehensive WSGI web application library. 
Prior to ver ...)
        TODO: check
 CVE-2025-66219 (willitmerge is a command line tool to check if pull requests 
are merge ...)
-       TODO: check
+       NOT-FOR-US: willitmerge
 CVE-2025-66217 (AIS-catcher is a multi-platform AIS receiver. Prior to version 
0.64, a ...)
-       TODO: check
+       NOT-FOR-US: AIS-catcher
 CVE-2025-66216 (AIS-catcher is a multi-platform AIS receiver. Prior to version 
0.64, a ...)
-       TODO: check
+       NOT-FOR-US: AIS-catcher
 CVE-2025-66201 (LibreChat is a ChatGPT clone with additional features. Prior 
to versio ...)
-       TODO: check
+       NOT-FOR-US: LibreChat
 CVE-2025-66036 (Retro is an online platform providing items of vintage 
collections. Pr ...)
-       TODO: check
+       NOT-FOR-US: Retro
 CVE-2025-66034 (fontTools is a library for manipulating fonts, written in 
Python. In v ...)
        TODO: check
 CVE-2025-66027 (Rallly is an open-source scheduling and collaboration tool. 
Prior to v ...)
-       TODO: check
+       NOT-FOR-US: Rallly
 CVE-2025-65892 (Reflected Cross-Site Scripting (rXSS) in krpano before version 
1.23.2  ...)
-       TODO: check
+       NOT-FOR-US: krpano Panorama Viewer
 CVE-2025-65540 (Multiple Cross-Site Scripting (XSS) vulnerabilities exist in 
xmall v1. ...)
-       TODO: check
+       NOT-FOR-US: xmall
 CVE-2025-65113 (ClipBucket v5 is an open source video sharing platform. Prior 
to versi ...)
-       TODO: check
+       NOT-FOR-US: ClipBucket
 CVE-2025-65112 (PubNet is a self-hosted Dart & Flutter package service. Prior 
to versi ...)
-       TODO: check
+       NOT-FOR-US: PubNet
 CVE-2025-64715 (Cilium is a networking, observability, and security solution 
with an e ...)
        TODO: check
 CVE-2025-53939 (Kiteworks is a private data network (PDN). Prior to version 
9.1.0, imp ...)
-       TODO: check
+       NOT-FOR-US: Kiteworks
 CVE-2025-53900 (Kiteworks MFT orchestrates end-to-end file transfer workflows. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Kiteworks
 CVE-2025-53899 (Kiteworks MFT orchestrates end-to-end file transfer workflows. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Kiteworks
 CVE-2025-53897 (Kiteworks MFT orchestrates end-to-end file transfer workflows. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Kiteworks
 CVE-2025-53896 (Kiteworks MFT orchestrates end-to-end file transfer workflows. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Kiteworks
 CVE-2024-9183
        - gitlab <not-affected> (Vulnerable code not present)
 CVE-2025-51736 (File upload vulnerability in HCL Technologies Ltd. Unica 
12.0.0.)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f976624e84acdc91526d1df6c2c52482fe9c83c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f976624e84acdc91526d1df6c2c52482fe9c83c2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to