Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c94d0fb by Chris Lamb at 2025-09-10T15:30:52-07:00
Add notes about CVE-2025-50817.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8585,6 +8585,8 @@ CVE-2025-50817 (A vulnerability in the Python-Future
1.0.0 module allows for arb
[bookworm] - python-future <no-dsa> (Minor issue)
NOTE:
https://medium.com/@abcd_68700/cve-2025-50817-python-future-module-arbitrary-code-execution-via-unintended-import-of-test-py-f0818ea93cf4
NOTE: https://github.com/PythonCharmers/python-future/issues/268
+ NOTE: Project is EOL/unmaintained; no upstream fix is likely.
+ NOTE: CVE may be rejected.
https://github.com/PythonCharmers/python-future/issues/650#issuecomment-3252409616
CVE-2025-50518 (A use-after-free vulnerability exists in the
coap_delete_pdu_lkd funct ...)
- libcoap3 <not-affected> (Vulnerable code introduced later)
NOTE:
https://github.com/IreneTheITCrowd/blog/blob/main/libcoap-vulnerability.md
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c94d0fb02072aed4124caada1c6926283a395eb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c94d0fb02072aed4124caada1c6926283a395eb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
