Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21e845f6 by Salvatore Bonaccorso at 2025-12-26T16:46:33+01:00
Track fixed version for CVE-2025-63499/sogo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10821,7 +10821,7 @@ CVE-2025-65346 (alexusmai laravel-file-manager 3.3.1
and below is vulnerable to
CVE-2025-63681 (open-webui v0.6.33 is vulnerable to Incorrect Access Control.
The API ...)
NOT-FOR-US: open-webui
CVE-2025-63499 (Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS)
via the ...)
- - sogo <unfixed> (bug #1121952)
+ - sogo 5.12.4-1.2 (bug #1121952)
NOTE: Fixed by:
https://github.com/Alinto/sogo/commit/16ab99e7cf8db2c30b211f0d5e338d7f9e3a9efb
NOTE: https://github.com/poblaguev-tot/CVE-2025-63499
CVE-2025-63364 (Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi
Gateway F ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e845f6c9f7df4d2251e7ccf0d3122a2c80afaa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21e845f6c9f7df4d2251e7ccf0d3122a2c80afaa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
