Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d6d9afe by Salvatore Bonaccorso at 2025-12-18T21:56:40+01:00
Add CVE-2025-63389/ollama, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,7 +85,7 @@ CVE-2025-63391 (An authentication bypass vulnerability exists
in Open-WebUI <=0.
CVE-2025-63390 (An authentication bypass vulnerability exists in AnythingLLM
v1.8.5 in ...)
NOT-FOR-US: AnythingLLM
CVE-2025-63389 (A critical authentication bypass vulnerability exists in
Ollama platfo ...)
- TODO: check
+ - ollama <itp> (bug #1094806)
CVE-2025-63388 (A Cross-Origin Resource Sharing (CORS) misconfiguration
vulnerability ...)
NOT-FOR-US: Dify
CVE-2025-63387 (Dify v1.9.1 is vulnerable to Insecure Permissions. An
unauthenticated ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6d9afeac841d5fe5dc300543a9eaae9b98a366
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6d9afeac841d5fe5dc300543a9eaae9b98a366
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
