Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: ef364a81 by Moritz Muehlenhoff at 2025-06-18T12:59:38+02:00 new ATS issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,13 @@ +CVE-2025-31698 [ATS: Client IP address from PROXY protocol is not used for ACL] + - trafficserver <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/06/17/7 + NOTE: https://github.com/apache/trafficserver/commit/ce942e0acacd5cc9f38bd07565a1dfc5ffed0e33 (9.2.11-rc0) + NOTE: https://github.com/apache/trafficserver/commit/91a654dfa4de0c48aa222b87bfb909f9f21b03e0 (master) +CVE-2025-49763 [ATS: Remote DoS via memory exhaustion in ESI Plugin] + - trafficserver <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/06/17/7 + NOTE: https://github.com/apache/trafficserver/commit/2db8b8dc96e57fc292850f77b9783630cc9590b9 (9.2.11-rc0) + NOTE: https://github.com/apache/trafficserver/commit/7f178de7de19498c1c320ea9b62c2f32355f3893 (master) CVE-2025-51381 (An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and ...) NOT-FOR-US: KCM3100 CVE-2025-50202 (Lychee is a free photo-management tool. In versions starting from 6.6. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef364a8129648dfbf7639b6711a7fd8ef1f39651 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef364a8129648dfbf7639b6711a7fd8ef1f39651 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
