[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-43715/nsis
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 19 08:53:10 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
60e8b365 by Salvatore Bonaccorso at 2025-04-19T09:50:51+02:00
Update status for CVE-2025-43715/nsis
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -845,9 +845,10 @@ CVE-2020-36789 (In the Linux kernel, the following vulnerability has been resolv
CVE-2025-43717 (In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests direct ...)
NOT-FOR-US: PEAR HTTP_Request2
CVE-2025-43715 (Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allow ...)
- - nsis <unfixed> (bug #1103524)
+ - nsis 3.11-1 (bug #1103524)
NOTE: https://sourceforge.net/p/nsis/bugs/1315/
NOTE: https://nsis.sourceforge.io/Docs/AppendixF.html#v3.11-rl
+ NOTE: Fixed by: https://sourceforge.net/p/nsis/code/7444/
CVE-2025-43708 (VisiCut 2.1 allows stack consumption via an XML document with nested s ...)
NOT-FOR-US: VisiCut
CVE-2025-43704 (Arctera/Veritas Data Insight before 7.1.2 can send cleartext credentia ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60e8b3653610d8fb057e38f039f2f4ce8a3660ab
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60e8b3653610d8fb057e38f039f2f4ce8a3660ab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250419/977cf6f2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list