Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3583e464 by Moritz Muehlenhoff at 2025-05-22T17:41:54+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2025-4133 (The Blog2Social: Social Media Auto Post &
Scheduler WordPress plu
CVE-2025-48070 (Plane is open-source project management software. Versions
prior to 0. ...)
NOT-FOR-US: Plane
CVE-2025-47947 (ModSecurity is an open source, cross platform web application
firewall ...)
- - modsecurity-apache <unfixed>
+ - modsecurity-apache <unfixed> (bug #1106286)
NOTE:
https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-859r-vvv8-rm8r
CVE-2025-47942 (The Open edX Platform is a learning management platform. Prior
to comm ...)
NOT-FOR-US: Open edX
@@ -27,7 +27,7 @@ CVE-2025-45753 (A vulnerability in Vtiger CRM Open Source
Edition v8.3.0 allows
CVE-2025-44040 (An issue in OrangeHRM v.5.7 allows an attacker to escalate
privileges ...)
NOT-FOR-US: OrangeHRM
CVE-2025-3887 (GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote
Code E ...)
- - gst-plugins-bad1.0 <unfixed>
+ - gst-plugins-bad1.0 <unfixed> (bug #1106285)
NOTE:
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d0e18d6353e4e448ccf3b06a967b394e664dd0b5
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-267/
CVE-2025-3885 (Harman Becker MGU21 Bluetooth Improper Input Validation
Denial-of-Serv ...)
@@ -129,7 +129,7 @@ CVE-2025-48064 (GitHub Desktop is an open-source,
Electron-based GitHub app desi
CVE-2025-48063 (XWiki is a generic wiki platform. In XWiki 16.10.0, required
rights we ...)
NOT-FOR-US: XWiki
CVE-2025-48060 (jq is a command-line JSON processor. In versions up to and
including 1 ...)
- - jq <unfixed>
+ - jq <unfixed> (bug #1106288)
NOTE:
https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w
CVE-2025-48012 (Authentication Bypass by Capture-replay vulnerability in
Drupal One Ti ...)
NOT-FOR-US: Drupal core and addons
@@ -239,7 +239,7 @@ CVE-2024-56428 (The local iLabClient database in itech
iLabClient 3.7.1 allows l
CVE-2024-42922 (AAPanel v7.0.7 was discovered to contain an OS command
injection vulne ...)
TODO: check
CVE-2024-23337 (jq is a command-line JSON processor. In versions up to and
including 1 ...)
- - jq <unfixed> (unimportant)
+ - jq <unfixed> (bug #1106289)
NOTE:
https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46
NOTE: https://github.com/jqlang/jq/issues/3262
NOTE:
https://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e
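Review bot: The jq line under CVE-2024-23337 loses its "(unimportant)" tag in the same edit that adds the bug number, and the commit message ("bugnums") does not account for that. If the severity was not meant to change, keep both annotations on the line, e.g. "- jq <unfixed> (bug #1106289; unimportant)". If the tag is being withdrawn on purpose, say so in the commit message or in a NOTE line, since the other hunks in this commit only append a bug reference.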
@@ -284,7 +284,7 @@ CVE-2025-4969 (A vulnerability was found in the libsoup
package. This flaw stems
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/447
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/467
CVE-2025-4949 (In Eclipse JGit versions 7.2.0.202503040940-r and older, the
ManifestP ...)
- - jgit <unfixed>
+ - jgit <unfixed> (bug #1106287)
NOTE:
https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281
NOTE: https://gitlab.eclipse.org/security/cve-assignement/-/issues/64
CVE-2025-4524 (The Madara \u2013 Responsive and modern WordPress theme for
manga site ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3583e46458a29e29d9d6553f2e0cc216f1e89234