[Git][security-tracker-team/security-tracker][master] CVE-2025-27553: Reference commit and upstream tag from the repository
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 2 19:48:20 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72f8d2e1 by Salvatore Bonaccorso at 2025-04-02T20:46:47+02:00
CVE-2025-27553: Reference commit and upstream tag from the repository
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4514,7 +4514,7 @@ CVE-2025-29795 (Improper link resolution before file access ('link following') i
CVE-2025-27553 (Relative Path Traversal vulnerability in Apache Commons VFS before 2.1 ...)
- commons-vfs <unfixed> (bug #1101204)
NOTE: https://www.openwall.com/lists/oss-security/2025/03/23/1
- NOTE: Fixed by https://github.com/apache/commons-vfs/pull/558/commits/4ac8c9d3566d13e033e385b5a39bfc57f53374f5
+ NOTE: Fixed by: https://github.com/apache/commons-vfs/commit/83d815afad4057234d9f928f6f00701bb7b51e86 (commons-vfs-2.10.0-RC1)
CVE-2025-2644 (A vulnerability was found in PHPGurukul Art Gallery Management System ...)
NOT-FOR-US: PHPGurukul
CVE-2025-2643 (A vulnerability has been found in PHPGurukul Art Gallery Management Sy ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72f8d2e124c8e8bd6a1a1d03c0390381b69f3c5a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72f8d2e124c8e8bd6a1a1d03c0390381b69f3c5a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250402/408fec16/attachment.htm>
More information about the debian-security-tracker-commits
mailing list