[Git][security-tracker-team/security-tracker][master] Add two new Keycloak issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 30 13:34:36 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2160ba0e by Salvatore Bonaccorso at 2025-04-30T14:34:09+02:00
Add two new Keycloak issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -107,11 +107,11 @@ CVE-2025-3929 (An XSS issue was discovered in MDaemon Email Server version 25.0.
CVE-2025-3911 (Recording of environment variables, configured for running containers, ...)
TODO: check
CVE-2025-3910 (A flaw was found in Keycloak. The org.keycloak.authorization package m ...)
- TODO: check
+ - keycloak <itp> (bug #1088287)
CVE-2025-3891 (A flaw was found in the mod_auth_openidc module for Apache httpd. This ...)
TODO: check
CVE-2025-3501 (A flaw was found in Keycloak. By setting a verification policy to 'ALL ...)
- TODO: check
+ - keycloak <itp> (bug #1088287)
CVE-2025-3471 (The SureForms WordPress plugin before 1.4.4 does not have proper auth ...)
NOT-FOR-US: WordPress plugin
CVE-2025-3452 (The SecuPress Free \u2014 WordPress Security plugin for WordPress is v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2160ba0ec6a503c10b2b7700aae91900d5be1e1e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2160ba0ec6a503c10b2b7700aae91900d5be1e1e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250430/c364cca2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list