[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-47910/go

Tue, 23 Sep 2025 09:54:54 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e37c16b1 by Salvatore Bonaccorso at 2025-09-23T18:54:05+02:00
Update status for CVE-2025-47910/go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52,13 +52,16 @@ CVE-2025-57205 (iNiLabs School Express (SMS Express) 6.2 is 
affected by a Stored
 CVE-2025-57204 (Stocky POS with Inventory Management & HRM (ui-lib) version 
5.0 is aff ...)
        NOT-FOR-US: Stocky POS with Inventory Management
 CVE-2025-47910 (When using http.CrossOriginProtection, the 
AddInsecureBypassPattern me ...)
-       - golang-1.24 <unfixed>
-       - golang-1.23 <unfixed>
-       - golang-1.19 <removed>
-       - golang-1.15 <removed>
+       - golang-1.25 <unfixed>
+       - golang-1.24 <not-affected> (Vulnerable code introduced later)
+       - golang-1.23 <not-affected> (Vulnerable code introduced later)
+       - golang-1.19 <not-affected> (Vulnerable code introduced later)
+       - golang-1.15 <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ
        NOTE: https://go-review.googlesource.com/c/go/+/699275
        NOTE: https://github.com/golang/go/issues/75054
+       NOTE: Introduced after: 
https://github.com/golang/go/commit/1881d680b0b573c32d3002c37902760668ffec0f 
(go1.25rc1)
+       NOTE: Fixed by: 
https://github.com/golang/go/commit/b1959cf6f7673eaffa89bbdb00e68b30cde3aa8a 
(go1.25.1)
 CVE-2025-43814 (In Liferay Portal 7.4.0 through 7.4.3.112, and older 
unsupported versi ...)
        NOT-FOR-US: Liferay
 CVE-2025-43810 (Insecure Direct Object Reference (IDOR) vulnerability with 
commerce or ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e37c16b17d1bbb01c83784a9b26414c0380f1165

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e37c16b17d1bbb01c83784a9b26414c0380f1165
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to