[Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-43703/anki

Thu, 17 Apr 2025 02:01:28 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ea39b77d by Salvatore Bonaccorso at 2025-04-17T10:59:33+02:00
Add information for CVE-2025-43703/anki

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,9 @@ CVE-2025-43708 (VisiCut 2.1 allows stack consumption via an XML 
document with ne
 CVE-2025-43704 (Arctera/Veritas Data Insight before 7.1.2 can send cleartext 
credentia ...)
        NOT-FOR-US: Veritas
 CVE-2025-43703 (An issue was discovered in Ankitects Anki through 25.02. A 
crafted sha ...)
-       TODO: check
+       - anki <not-affected> (Incomplete fix for CVE-2024-32484 not applied)
+       NOTE: https://github.com/ankitects/anki/pull/3925
+       NOTE: Issue exists because of an incomplete fix for CVE-2024-32484
 CVE-2025-3730 (A vulnerability, which was classified as problematic, was found 
in PyT ...)
        TODO: check
 CVE-2025-3729 (A vulnerability, which was classified as critical, has been 
found in S ...)
@@ -78798,6 +78800,7 @@ CVE-2024-32484 (An reflected XSS vulnerability exists 
in the handling of invalid
        - anki <removed> (bug #1077548)
        [bullseye] - anki <postponed> (Minor issue; can be fixed in next update)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1995
+       NOTE: When fixing this issue, make sure to fix it completely to not 
open up CVE-2025-43703
 CVE-2024-32152 (A blocklist bypass vulnerability exists in the LaTeX 
functionality of  ...)
        - anki <removed> (bug #1077548)
        [bullseye] - anki <postponed> (Minor issue; can be fixed in next update)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea39b77d7df5bda9281e29c51919bf1f3ea8c664

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea39b77d7df5bda9281e29c51919bf1f3ea8c664
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to