[Git][security-tracker-team/security-tracker][master] Add CVE-2025-32027/yii, itp'ed

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
37eb521b by Salvatore Bonaccorso at 2025-04-10T22:35:03+02:00
Add CVE-2025-32027/yii, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,7 +89,7 @@ CVE-2025-32115 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-32114 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32027 (Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii  ...)
-	TODO: check
+	- yii <itp> (bug #597899)
 CVE-2025-31524 (Incorrect Privilege Assignment vulnerability in NotFound WP User Profi ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31411 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37eb521b92d5c08657b39e0d1a0fce5ca54ea47c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37eb521b92d5c08657b39e0d1a0fce5ca54ea47c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250410/df13e8f9/attachment.htm>