Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ff3e71f4 by Salvatore Bonaccorso at 2026-02-16T05:31:18+01:00
CVE-2025-69873: Add reference to upstream commit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1805,7 +1805,7 @@ CVE-2025-69874 (nanotar through 0.2.0 has a path
traversal vulnerability in pars
CVE-2025-69873 (ajv (Another JSON Schema Validator) through version 8.17.1 is
vulnerab ...)
- node-ajv <unfixed>
NOTE:
https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md
- TODO: check, verify upstream (report) status
+ NOTE: Fixed by:
https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5
(v8.18.0)
CVE-2025-69872 (DiskCache (python-diskcache) through 5.6.3 uses Python pickle
for seri ...)
- diskcache <unfixed>
NOTE:
https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69872-DiskCache-Pickle-Deserialization.md
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3e71f4bca849a9c34851ea82d8f80a3d0a1309
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3e71f4bca849a9c34851ea82d8f80a3d0a1309
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
