Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9dcb1f49 by Salvatore Bonaccorso at 2026-05-22T20:39:18+02:00
Update status for CVE-2025-62727/starlette
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -94779,9 +94779,10 @@ CVE-2023-7320 (The WooCommerce plugin for WordPress is
vulnerable to Sensitive I
CVE-2025-62727 (Starlette is a lightweight ASGI framework/toolkit. Starting in
version ...)
- starlette 0.50.0-1 (bug #1119662)
[trixie] - starlette 0.46.1-3+deb13u1
- [bookworm] - starlette <no-dsa> (Minor issue)
- [bullseye] - starlette <postponed> (minor issue; DoS)
+ [bookworm] - starlette <not-affected> (Vulnerable code not present)
+ [bullseye] - starlette <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8
+ NOTE: Introduced with:
https://github.com/Kludex/starlette/commit/69ed26a85956ef4bd0161807eb27abf49be7cd3c
(0.39.0)
NOTE: Fixed by:
https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5
(0.49.1)
CVE-2025-12150 (A flaw was found in Keycloak\u2019s WebAuthn registration
component. T ...)
- keycloak <itp> (bug #1088287)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dcb1f49861576786299932e454ddaf6f8be47c0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dcb1f49861576786299932e454ddaf6f8be47c0
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
