Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0891154d by Moritz Muehlenhoff at 2025-03-27T23:22:06+01:00
mark gnuplot as non issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,30 @@
CVE-2024-56325
NOT-FOR-US: Apache Pinot
CVE-2025-31181 (A flaw was found in gnuplot. The X11_graphics() function may
lead to a ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355338
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to
+ NOTE: come from a trusted source, see README.Debian.security (added in
5.2.6).
CVE-2025-31180 (A flaw was found in gnuplot. The CANVAS_text() function may
lead to a ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355339
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to
+ NOTE: come from a trusted source, see README.Debian.security (added in
5.2.6).
CVE-2025-31179 (A flaw was found in gnuplot. The xstrftime() function may lead
to a se ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355340
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to
+ NOTE: come from a trusted source, see README.Debian.security (added in
5.2.6).
CVE-2025-31178 (A flaw was found in gnuplot. The GetAnnotateString() function
may lead ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355341
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to
+ NOTE: come from a trusted source, see README.Debian.security (added in
5.2.6).
CVE-2025-31176 (A flaw was found in gnuplot. The plot3d_points() function may
lead to ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355343
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to
+ NOTE: come from a trusted source, see README.Debian.security (added in
5.2.6).
CVE-2025-31141 (In JetBrains TeamCity before 2025.03 exception could lead to
credentia ...)
NOT-FOR-US: JetBrains
CVE-2025-31140 (In JetBrains TeamCity before 2025.03 stored XSS was possible
on Cloud ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0891154dc65b22942bfb511a09a42b5cf9ef2dc4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0891154dc65b22942bfb511a09a42b5cf9ef2dc4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
