Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
58038e91 by Salvatore Bonaccorso at 2025-12-19T09:19:48+01:00
Add two elasticsearch issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2025-68422 (Improper Authorization (CWE-285) in Kibana
can lead to privilege
CVE-2025-68398 (Weblate is a web based localization tool. In versions prior to
5.15.1, ...)
NOT-FOR-US: Weblate
CVE-2025-68390 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Elas ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2025-68389 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Kiba ...)
- kibana <itp> (bug #700337)
CVE-2025-68388 (Allocation of resources without limits or throttling (CWE-770)
allows ...)
@@ -33,7 +33,7 @@ CVE-2025-68386 (Improper Authorization (CWE-285) in Kibana
can lead to privilege
CVE-2025-68385 (Improper neutralization of input during web page generation
('Cross-si ...)
- kibana <itp> (bug #700337)
CVE-2025-68384 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Elas ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2025-68383 (Improper Validation of Specified Index, Position, or Offset in
Input ( ...)
TODO: check
CVE-2025-68382 (Out-of-bounds read (CWE-125) allows an unauthenticated remote
attacker ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58038e91df6551c1ef398b338250bc0efd1444fd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58038e91df6551c1ef398b338250bc0efd1444fd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
