[Git][security-tracker-team/security-tracker][master] CVE-2025-50422/cairo [bullseye]
Bastien Roucariès (@rouca)
rouca at debian.org
Sat Aug 9 16:35:46 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
102bdec0 by Bastien Roucariès at 2025-08-09T17:34:37+02:00
CVE-2025-50422/cairo [bullseye]
This is a no clear vulnerability of cipher text, that need another exploit or dump right to be exploitable, thus postpone
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1258,6 +1258,7 @@ CVE-2025-51390 (TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain
NOT-FOR-US: TOTOLINK
CVE-2025-50422 (An issue was discovered in freedesktop poppler v25.04.0. The heap memo ...)
- cairo <unfixed> (bug #1110606)
+ [bullseye] - cairo <postponed> (Minor Issue; need dump right and local access)
NOTE: https://github.com/Landw-hub/CVE-2025-50422
NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1591
NOTE: https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/621
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/102bdec00846ba7ec5795170efe0299c2fce00d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/102bdec00846ba7ec5795170efe0299c2fce00d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250809/9a2ccdbe/attachment.htm>
More information about the debian-security-tracker-commits
mailing list