Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6f2d0abc by Salvatore Bonaccorso at 2025-09-24T20:46:43+02:00
Update status for some radare2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36303,13 +36303,15 @@ CVE-2025-5650 (A vulnerability classified as critical
was found in 1000projects
CVE-2025-5649 (A vulnerability classified as critical has been found in
SourceCodeste ...)
NOT-FOR-US: SourceCodester
CVE-2025-5648 (A vulnerability was found in Radare2 5.9.9. It has been
classified as ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24238
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5647 (A vulnerability was found in Radare2 5.9.9 and classified as
problemat ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24237
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5382 (Improper access control in users MFA feature in Devolutions
Server 202 ...)
NOT-FOR-US: Devolutions
CVE-2025-5341 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom
Form B ...)
@@ -36384,29 +36386,35 @@ CVE-2025-5683 (When loading a specifically crafted
ICNS format image file in QIm
NOTE: https://codereview.qt-project.org/c/qt/qtimageformats/+/644548
NOTE:
https://github.com/qt/qtimageformats/commit/efd332516f510144927121fa749ce819b82ec633
CVE-2025-5646 (A vulnerability has been found in Radare2 5.9.9 and classified
as prob ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24235
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5645 (A vulnerability, which was classified as problematic, was found
in Rad ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24234
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5644 (A vulnerability, which was classified as problematic, has been
found i ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24233
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5643 (A vulnerability classified as problematic was found in Radare2
5.9.9. ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24232
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5642 (A vulnerability classified as problematic has been found in
Radare2 5. ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24231
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5641 (A vulnerability was found in Radare2 5.9.9. It has been rated
as probl ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24230
- NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE:
https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
(6.0.0)
CVE-2025-5640 (A vulnerability was found in PX4-Autopilot 1.12.3. It has been
classif ...)
NOT-FOR-US: PX4-Autopilot
CVE-2025-5639 (A vulnerability was found in PHPGurukul Notice Board System 1.0
and cl ...)
@@ -66785,9 +66793,10 @@ CVE-2025-1866 (Improper Restriction of Operations
within the Bounds of a Memory
- libwebsockets <not-affected> (Only affects libwebsockets on Windows)
NOTE:
https://github.com/warmcat/libwebsockets/commit/3f7c79fd57338aca1bf4a1b1f24e324b80d36265
CVE-2025-1864 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1099622)
NOTE: https://github.com/radareorg/radare2/pull/23981
- NOTE: Fixed by:
https://github.com/radareorg/radare2/commit/db6decd4bc90bb4a492129e70803136fa184f470
+ NOTE: Fixed by:
https://github.com/radareorg/radare2/commit/db6decd4bc90bb4a492129e70803136fa184f470
(6.0.0)
CVE-2025-1859 (A vulnerability, which was classified as critical, has been
found in P ...)
NOT-FOR-US: PHPGurukul
CVE-2025-1858 (A vulnerability classified as critical was found in Codezips
Online Sh ...)
@@ -67370,9 +67379,10 @@ CVE-2025-23225 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and
9.4 CD could allow an authe
CVE-2025-1757 (The WordPress Portfolio Builder \u2013 Portfolio Gallery plugin
for Wo ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1744 (Out-of-bounds Write vulnerability in radareorg radare2 allows
heap-b ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1099620)
NOTE: https://github.com/radareorg/radare2/pull/23969
- NOTE:
https://github.com/radareorg/radare2/commit/e64c606b1342a4c0ab2c35ef5146b69667dcd43a
+ NOTE:
https://github.com/radareorg/radare2/commit/e64c606b1342a4c0ab2c35ef5146b69667dcd43a
(6.0.0)
CVE-2025-1687 (The Cardealer theme for WordPress is vulnerable to Cross-Site
Request ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1682 (The Cardealer theme for WordPress is vulnerable to privilege
escalatio ...)
@@ -73478,9 +73488,10 @@ CVE-2025-1380 (A vulnerability was found in Codezips
Gym Management System 1.0 a
CVE-2025-1379 (A vulnerability has been found in code-projects Real Estate
Property M ...)
NOT-FOR-US: Real Estate Property Management System
CVE-2025-1378 (A vulnerability, which was classified as problematic, was found
in rad ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1098376)
NOTE: https://github.com/radareorg/radare2/issues/23953
- NOTE: Fixed by:
https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545
+ NOTE: Fixed by:
https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545
(6.0.0)
CVE-2025-1377 (A vulnerability, which was classified as problematic, has been
found i ...)
- elfutils <unfixed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=32673
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f2d0abc219abf990a20314c256563ee11f05823
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f2d0abc219abf990a20314c256563ee11f05823
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
