[Git][security-tracker-team/security-tracker][master] Add CVE-2025-50952/openjpeg2
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 7 21:53:18 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
67901956 by Salvatore Bonaccorso at 2025-08-07T22:52:43+02:00
Add CVE-2025-50952/openjpeg2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,7 +37,9 @@ CVE-2025-51629 (A cross-site scripting (XSS) vulnerability in the PdfViewer comp
CVE-2025-51533 (An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 an ...)
TODO: check
CVE-2025-50952 (openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference ...)
- TODO: check
+ - openjpeg2 2.5.3-1
+ NOTE: https://github.com/uclouvain/openjpeg/issues/1505
+ NOTE: Fixed by: ttps://github.com/uclouvain/openjpeg/commit/d903fbb4ab9ccf9b96c8bc7398fafc0007505a37 (v2.5.1)
CVE-2025-50692 (FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file ...)
NOT-FOR-US: FoxCMS
CVE-2025-50675 (GPMAW 14, a bioinformatics software, has a critical vulnerability rela ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/679019560c051f8e8051ccec8e531674ac2adf1d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/679019560c051f8e8051ccec8e531674ac2adf1d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250807/3c907d0d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list