[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 27 Apr 2025 01:12:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a6e4208d by security tracker role at 2025-04-27T08:11:52+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2025-46675 (In NASA CryptoLib before 1.3.2, the key state is not checked 
before us ...)
+       TODO: check
+CVE-2025-46674 (NASA CryptoLib before 1.3.2 uses Extended Procedures that are 
a Work i ...)
+       TODO: check
+CVE-2025-46673 (NASA CryptoLib before 1.3.2 does not check whether the SA is 
in an ope ...)
+       TODO: check
+CVE-2025-46672 (NASA CryptoLib before 1.3.2 does not check the OTAR crypto 
function re ...)
+       TODO: check
+CVE-2025-46656 (python-markdownify (aka markdownify) before 0.14.1 allows 
large headli ...)
+       TODO: check
+CVE-2025-46655 (CodiMD through 2.5.4 has a CSP-based protection mechanism 
against XSS  ...)
+       TODO: check
+CVE-2025-46654 (CodiMD through 2.2.0 has a CSP-based protection mechanism 
against XSS  ...)
+       TODO: check
+CVE-2025-46653 (Formidable (aka node-formidable) 2.1.0 through 3.x before 
3.5.3 relies ...)
+       TODO: check
+CVE-2025-46580 (There is a code-related vulnerability in the GoldenDB database 
product ...)
+       TODO: check
+CVE-2025-46579 (There is a DDE injection vulnerability in the GoldenDB 
database produc ...)
+       TODO: check
+CVE-2025-46578 (There are SQL injection vulnerabilities in multiple interfaces 
of the  ...)
+       TODO: check
+CVE-2025-46577 (There is a SQL injection vulnerability in the GoldenDB 
database produc ...)
+       TODO: check
+CVE-2025-46576 (There is a Permission Management and Access Control 
vulnerability in t ...)
+       TODO: check
+CVE-2025-46575 (There is an information disclosure vulnerability in the 
GoldenDB datab ...)
+       TODO: check
+CVE-2025-46574 (There is an information disclosure vulnerability in the 
GoldenDB datab ...)
+       TODO: check
+CVE-2025-3963 (A vulnerability, which was classified as critical, has been 
found in w ...)
+       TODO: check
+CVE-2025-3962 (A vulnerability classified as problematic was found in 
withstars Books ...)
+       TODO: check
+CVE-2025-3961 (A vulnerability classified as problematic has been found in 
withstars  ...)
+       TODO: check
+CVE-2025-3960 (A vulnerability was found in withstars Books-Management-System 
1.0. It ...)
+       TODO: check
+CVE-2025-3959 (A vulnerability was found in withstars Books-Management-System 
1.0. It ...)
+       TODO: check
+CVE-2025-3958 (A vulnerability was found in withstars Books-Management-System 
1.0. It ...)
+       TODO: check
+CVE-2025-3957 (A vulnerability was found in opplus springboot-admin 1.0 and 
classifie ...)
+       TODO: check
+CVE-2025-3956 (A vulnerability has been found in 201206030 novel-cloud 1.4.0 
and clas ...)
+       TODO: check
+CVE-2025-3955 (A vulnerability, which was classified as critical, was found in 
codepr ...)
+       TODO: check
+CVE-2025-3954 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2024-52888 (For an authenticated end-user the portal may run a script 
while attemp ...)
+       TODO: check
+CVE-2024-52887 (Authenticated end-user may set a specially crafted SNX 
bookmark that c ...)
+       TODO: check
 CVE-2025-46652 (In IZArc through 4.5, there is a Mark-of-the-Web Bypass 
Vulnerability. ...)
        NOT-FOR-US: IZArc
 CVE-2025-46646 (In Artifex Ghostscript before 10.05.0, decode_utf8 in 
base/gp_utf8.c m ...)
@@ -635,6 +689,7 @@ CVE-2025-45428 (In Tenda ac9 v1.0 with firmware 
V15.03.05.14_multi, the rebootTi
 CVE-2025-45427 (In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the 
security param ...)
        NOT-FOR-US: Tenda
 CVE-2025-43965 (In MIFF image processing in ImageMagick before 7.1.1-44, image 
depth i ...)
+       {DLA-4139-1}
        - imagemagick 8:7.1.1.46+dfsg1-1
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9
 (7.1.1-44)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/c99cbc8d8663248bf353cd9042b04d7936e7587a
 (6.9.13-22)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6e4208d56cddc265a1e02940876f838f8dde498

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6e4208d56cddc265a1e02940876f838f8dde498
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to