[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-4658 and CVE-2025-3757

Salvatore Bonaccorso (@carnil) Tue, 13 May 2025 21:17:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7a071905 by Salvatore Bonaccorso at 2025-05-14T06:16:26+02:00
Update status for CVE-2025-4658 and CVE-2025-3757

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,8 @@
 CVE-2025-4660 (A remote code execution vulnerability exists in the Windows 
agent comp ...)
        NOT-FOR-US: Forescout
 CVE-2025-4658 (Versions of OpenPubkey library prior to 0.10.0  contained a 
vulnerabil ...)
-       - golang-github-openpubkey-openpubkey <unfixed>
+       - opkssh <unfixed> (bug #1105741)
+       NOTE: 
https://github.com/openpubkey/opkssh/security/advisories/GHSA-56wx-66px-9j66
 CVE-2025-4649 (Improper Privilege Management vulnerability in Centreon web 
allows Pri ...)
        NOT-FOR-US: Centreon
 CVE-2025-4648 (Download of Code Without Integrity Check vulnerability in 
Centreon web ...)
@@ -103,7 +104,8 @@ CVE-2025-40555 (A vulnerability has been identified in 
APOGEE PXC+TALON TC Serie
 CVE-2025-3916 (CWE-121: Stack-based Buffer Overflowvulnerability existsthat 
could cau ...)
        NOT-FOR-US: Schneider Electric
 CVE-2025-3757 (Versions of OpenPubkey library prior to 0.10.0  contained a 
vulnerabil ...)
-       TODO: seems like a dupe of CVE-2025-4658
+       - golang-github-openpubkey-openpubkey <unfixed> (bug #1105736)
+       NOTE: 
https://github.com/openpubkey/openpubkey/security/advisories/GHSA-537f-gxgm-3jjq
 CVE-2025-3744 (Nomad Enterprise (\u201cNomad\u201d) jobs using the policy 
override op ...)
        - nomad <not-affected> (Specific to Nomad Enterprise)
 CVE-2025-33025 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 
(All versi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a071905904ac217325bf685c65b08c1066629c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a071905904ac217325bf685c65b08c1066629c2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-4658 and CVE-2025-3757

Reply via email to