Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd6e0552 by Moritz Muehlenhoff at 2025-05-16T08:18:11+02:00
new python issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47,7 +47,15 @@ CVE-2025-4695 (A vulnerability was found in PHPGurukul Cyber
Cafe Management Sys
CVE-2025-4564 (The TicketBAI Facturas para WooCommerce plugin for WordPress is
vulner ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4516 (There is an issue in CPython when using
`bytes.decode("unicode_escape" ...)
- TODO: check
+ - python3.13 <unfixed>
+ - python3.12 <unfixed>
+ - python3.11 <removed>
+ - python3.9 <removed>
+ NOTE:
https://mail.python.org/archives/list/[email protected]/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
+ NOTE: https://github.com/python/cpython/issues/133767
+ NOTE:
https://github.com/python/cpython/pull/129648https://github.com/python/cpython/pull/129648
+ NOTE:
https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
(main)
+ NOTE:
https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
(3.14)
CVE-2025-48051 (powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in
some ap ...)
NOT-FOR-US: Lichess Lila
CVE-2025-48050 (In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js
does not ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd6e0552d94501912b554c26300c4ea19494be0f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd6e0552d94501912b554c26300c4ea19494be0f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
