Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f4632bc0 by Salvatore Bonaccorso at 2025-09-03T16:05:58+02:00
Track fixed version for sail issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2238,7 +2238,7 @@ CVE-2025-54481 (A stack-based buffer overflow
vulnerability exists in the MFER p
CVE-2025-54370 (PhpOffice/PhpSpreadsheet is a pure PHP library for reading and
writing ...)
NOT-FOR-US: PHPOffice
CVE-2025-53510 (A memory corruption vulnerability exists in the PSD Image
Decoding fun ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2218
CVE-2025-53120 (A path traversal vulnerability in unauthenticated upload
functionality ...)
@@ -2248,15 +2248,15 @@ CVE-2025-53119 (An unauthenticated unrestricted file
upload vulnerability allows
CVE-2025-53118 (An authentication bypass vulnerability exists which allows an
unauthen ...)
NOT-FOR-US: Securden Unified PAM
CVE-2025-53085 (A memory corruption vulnerability exists in the PSD RLE
Decoding funct ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2219
CVE-2025-52930 (A memory corruption vulnerability exists in the BMPv3 RLE
Decoding fun ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2221
CVE-2025-52456 (A memory corruption vulnerability exists in the WebP Image
Decoding fu ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2224
CVE-2025-52130 (File upload vulnerability in WebErpMesv2 1.17 in the
app/Http/Controll ...)
@@ -2270,13 +2270,13 @@ CVE-2025-50722 (Insecure Permissions vulnerability in
sparkshop v.1.1.7 allows a
CVE-2025-50383 (alextselegidis Easy!Appointments v1.5.1 was discovered to
contain a SQ ...)
NOT-FOR-US: alextselegidis Easy!Appointments
CVE-2025-50129 (A memory corruption vulnerability exists in the PCX Image
Decoding fun ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2220
CVE-2025-48303 (Cross-Site Request Forgery (CSRF) vulnerability in Kevin
Langley Jr. P ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-46407 (A memory corruption vulnerability exists in the BMPv3 Palette
Decoding ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2215
CVE-2025-45968 (An issue in System PDV v1.0 allows a remote attacker to obtain
sensiti ...)
@@ -2294,11 +2294,11 @@ CVE-2025-3478 (A Stored Cross-Site Scripting (XSS)
vulnerability has been identi
CVE-2025-3456 (On affected platforms running Arista EOS, the global common
encryption ...)
NOT-FOR-US: Arista Networks
CVE-2025-35984 (A memory corruption vulnerability exists in the PCX Image
Decoding fun ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2217
CVE-2025-32468 (A memory corruption vulnerability exists in the BMPv3 Image
Decoding f ...)
- - sail <unfixed> (bug #1112346)
+ - sail 0.9.9-1 (bug #1112346)
[trixie] - sail <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2216
CVE-2025-29525 (DASAN GPON ONU H660WM OS version H660WMR210825 Hardware
version DS-E5- ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4632bc05a88d356a1469750cb124ff0e4754f3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4632bc05a88d356a1469750cb124ff0e4754f3f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
