Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ddeed669 by Salvatore Bonaccorso at 2026-03-16T20:58:33+01:00
Reference directly upstream commits for CVE-2025-11143
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4573,8 +4573,9 @@ CVE-2025-11143 (The Jetty URI parser has some key
differences to other common pa
- jetty9 <unfixed>
- jetty <removed>
NOTE:
https://github.com/jetty/jetty.project/security/advisories/GHSA-wjpw-4j6x-6rwh
- NOTE: Fixed by: https://github.com/jetty/jetty.project/pull/14014
(jetty-12.1.x)
- NOTE: Fixed by: https://github.com/jetty/jetty.project/pull/14011
(jetty-9.4.x)
+ NOTE: Fixed by:
https://github.com/jetty/jetty.project/commit/28d9af2a2a3346d7edd35e3b6372a68c5a3be4a5
(jetty-12.1.5)
+ NOTE: Fixed by:
https://github.com/jetty/jetty.project/commit/553b59eff83461a7e488e592bcc3bb958a76f13f
(jetty-12.0.31)
+ NOTE: Fixed by:
https://github.com/jetty/jetty.project/commit/89d2ac7c7792e51cd4b5b633f249fc4c32e5c67b
(jetty-9.4.x)
CVE-2024-43035 (Fonoster 0.5.5 before 0.6.1 allows ../ directory traversal to
read arb ...)
NOT-FOR-US: Fonoster
CVE-2026-3523 (The Apocalypse Meow plugin for WordPress is vulnerable to SQL
Injectio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddeed6690d35189fd8e369f8a01f74c2312b3cba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddeed6690d35189fd8e369f8a01f74c2312b3cba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
