[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Apr 27 09:12:00 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6e4208d by security tracker role at 2025-04-27T08:11:52+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2025-46675 (In NASA CryptoLib before 1.3.2, the key state is not checked before us ...)
+	TODO: check
+CVE-2025-46674 (NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work i ...)
+	TODO: check
+CVE-2025-46673 (NASA CryptoLib before 1.3.2 does not check whether the SA is in an ope ...)
+	TODO: check
+CVE-2025-46672 (NASA CryptoLib before 1.3.2 does not check the OTAR crypto function re ...)
+	TODO: check
+CVE-2025-46656 (python-markdownify (aka markdownify) before 0.14.1 allows large headli ...)
+	TODO: check
+CVE-2025-46655 (CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS  ...)
+	TODO: check
+CVE-2025-46654 (CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS  ...)
+	TODO: check
+CVE-2025-46653 (Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies ...)
+	TODO: check
+CVE-2025-46580 (There is a code-related vulnerability in the GoldenDB database product ...)
+	TODO: check
+CVE-2025-46579 (There is a DDE injection vulnerability in the GoldenDB database produc ...)
+	TODO: check
+CVE-2025-46578 (There are SQL injection vulnerabilities in multiple interfaces of the  ...)
+	TODO: check
+CVE-2025-46577 (There is a SQL injection vulnerability in the GoldenDB database produc ...)
+	TODO: check
+CVE-2025-46576 (There is a Permission Management and Access Control vulnerability in t ...)
+	TODO: check
+CVE-2025-46575 (There is an information disclosure vulnerability in the GoldenDB datab ...)
+	TODO: check
+CVE-2025-46574 (There is an information disclosure vulnerability in the GoldenDB datab ...)
+	TODO: check
+CVE-2025-3963 (A vulnerability, which was classified as critical, has been found in w ...)
+	TODO: check
+CVE-2025-3962 (A vulnerability classified as problematic was found in withstars Books ...)
+	TODO: check
+CVE-2025-3961 (A vulnerability classified as problematic has been found in withstars  ...)
+	TODO: check
+CVE-2025-3960 (A vulnerability was found in withstars Books-Management-System 1.0. It ...)
+	TODO: check
+CVE-2025-3959 (A vulnerability was found in withstars Books-Management-System 1.0. It ...)
+	TODO: check
+CVE-2025-3958 (A vulnerability was found in withstars Books-Management-System 1.0. It ...)
+	TODO: check
+CVE-2025-3957 (A vulnerability was found in opplus springboot-admin 1.0 and classifie ...)
+	TODO: check
+CVE-2025-3956 (A vulnerability has been found in 201206030 novel-cloud 1.4.0 and clas ...)
+	TODO: check
+CVE-2025-3955 (A vulnerability, which was classified as critical, was found in codepr ...)
+	TODO: check
+CVE-2025-3954 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2024-52888 (For an authenticated end-user the portal may run a script while attemp ...)
+	TODO: check
+CVE-2024-52887 (Authenticated end-user may set a specially crafted SNX bookmark that c ...)
+	TODO: check
 CVE-2025-46652 (In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. ...)
 	NOT-FOR-US: IZArc
 CVE-2025-46646 (In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c m ...)
@@ -635,6 +689,7 @@ CVE-2025-45428 (In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTi
 CVE-2025-45427 (In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security param ...)
 	NOT-FOR-US: Tenda
 CVE-2025-43965 (In MIFF image processing in ImageMagick before 7.1.1-44, image depth i ...)
+	{DLA-4139-1}
 	- imagemagick 8:7.1.1.46+dfsg1-1
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9 (7.1.1-44)
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/c99cbc8d8663248bf353cd9042b04d7936e7587a (6.9.13-22)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6e4208d56cddc265a1e02940876f838f8dde498

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6e4208d56cddc265a1e02940876f838f8dde498
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250427/056d82cb/attachment.htm>

More information about the debian-security-tracker-commits mailing list