[Git][security-tracker-team/security-tracker][master] Add CVE-2025-3573/civicrm

Thu, 17 Apr 2025 08:34:44 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e01f810e by Salvatore Bonaccorso at 2025-04-17T17:34:15+02:00
Add CVE-2025-3573/civicrm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1599,7 +1599,10 @@ CVE-2025-3576 (A vulnerability in the MIT Kerberos 
implementation allows GSSAPI-
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2359465
        TODO: check upstream details
 CVE-2025-3573 (Versions of the package jquery-validation before 1.20.0 are 
vulnerable ...)
-       TODO: check
+       - civicrm <unfixed>
+       NOTE: https://github.com/jquery-validation/jquery-validation/pull/2462
+       NOTE: 
https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902
+       NOTE: civicrm embedds jquery-validation
 CVE-2025-3470 (The TS Poll \u2013 Survey, Versus Poll, Image Poll, Video Poll 
plugin  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-32997 (In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, 
fixRequest ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e01f810e281130e2cbf38dceb5d9106c4b7a0d79

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e01f810e281130e2cbf38dceb5d9106c4b7a0d79
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to