[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59391/libcoap3

Mon, 08 Dec 2025 12:57:06 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ae951990 by Salvatore Bonaccorso at 2025-12-08T21:56:42+01:00
Add CVE-2025-59391/libcoap3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,7 +59,10 @@ CVE-2025-61318 (Emlog Pro 2.5.20 has an arbitrary file 
deletion vulnerability. T
 CVE-2025-60912 (phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) 
vulnerabil ...)
        - phpipam <itp> (bug #731713)
 CVE-2025-59391 (A memory disclosure vulnerability exists in libcoap's OSCORE 
configura ...)
-       TODO: check
+       - libcoap3 <unfixed>
+       NOTE: https://github.com/obgm/libcoap/pull/1730
+       NOTE: Fixed by: 
https://github.com/obgm/libcoap/commit/da534de75edd1b3628a28908d30b0efbaa01be09 
(develop)
+       NOTE: Fixed by: 
https://github.com/obgm/libcoap/commit/d56fb48bffd625f779eaf4616ccda62e1a7f6fd3 
(v4.3.5a)
 CVE-2025-58279 (Permission control vulnerability in the media library module. 
Impact:  ...)
        NOT-FOR-US: Huawei
 CVE-2025-48639 (In DefaultTransitionHandler.java, there is a possible way to 
unknowing ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae951990755b47b1b0df9d77be87c09a9b0c73c6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae951990755b47b1b0df9d77be87c09a9b0c73c6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to