[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 25 21:13:01 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
188d3657 by security tracker role at 2025-08-25T20:12:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,44 +1,206 @@
-CVE-2025-53518
+CVE-2025-9417 (A weakness has been identified in itsourcecode Apartment Management Sy ...)
+	TODO: check
+CVE-2025-9416 (A security flaw has been discovered in oitcode samarium up to 0.9.6. T ...)
+	TODO: check
+CVE-2025-9415 (A vulnerability was identified in GreenCMS up to 2.3.0603. This affect ...)
+	TODO: check
+CVE-2025-9414 (A vulnerability was found in kalcaddle kodbox 1.61. Affected by this v ...)
+	TODO: check
+CVE-2025-9413 (A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts  ...)
+	TODO: check
+CVE-2025-9412 (A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This a ...)
+	TODO: check
+CVE-2025-9411 (A security vulnerability has been detected in lostvip-com ruoyi-go up  ...)
+	TODO: check
+CVE-2025-9410 (A weakness has been identified in lostvip-com ruoyi-go up to 2.1. The  ...)
+	TODO: check
+CVE-2025-9409 (A security flaw has been discovered in lostvip-com ruoyi-go up to 2.1. ...)
+	TODO: check
+CVE-2025-9407 (A flaw has been found in mtons mblog up to 3.5.0. Affected by this vul ...)
+	TODO: check
+CVE-2025-8562 (The Custom Query Shortcode plugin for WordPress is vulnerable to Path  ...)
+	TODO: check
+CVE-2025-7426 (Information disclosure and exposure of authentication FTP credentials  ...)
+	TODO: check
+CVE-2025-6737 (Securden\u2019s Unified PAM Remote Vendor Gateway access portal shares ...)
+	TODO: check
+CVE-2025-5302 (A denial of service vulnerability exists in the JSONReader component o ...)
+	TODO: check
+CVE-2025-57811 (Craft is a platform for creating digital experiences. From versions 4. ...)
+	TODO: check
+CVE-2025-57802 (Airlink's Daemon interfaces with Docker and the Panel to provide secur ...)
+	TODO: check
+CVE-2025-57773 (DataEase is an open source business intelligence and data visualizatio ...)
+	TODO: check
+CVE-2025-57772 (DataEase is an open source business intelligence and data visualizatio ...)
+	TODO: check
+CVE-2025-57760 (Langflow is a tool for building and deploying AI-powered agents and wo ...)
+	TODO: check
+CVE-2025-56216 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
+	TODO: check
+CVE-2025-56215 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
+	TODO: check
+CVE-2025-56214 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
+	TODO: check
+CVE-2025-56212 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injecti ...)
+	TODO: check
+CVE-2025-55575 (SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers ...)
+	TODO: check
+CVE-2025-55574 (Cross Site Scripting vulnerability in docmost v.0.21.0 and before allo ...)
+	TODO: check
+CVE-2025-55409 (FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index. ...)
+	TODO: check
+CVE-2025-55301 (The Scratch Channel is a news website. In version 1, it is possible to ...)
+	TODO: check
+CVE-2025-54493 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54492 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54491 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54490 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54489 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54488 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54487 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54486 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54485 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54484 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54483 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54482 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54481 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
+	TODO: check
+CVE-2025-54370 (PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing ...)
+	TODO: check
+CVE-2025-53510 (A memory corruption vulnerability exists in the PSD Image Decoding fun ...)
+	TODO: check
+CVE-2025-53120 (A path traversal vulnerability in unauthenticated upload functionality ...)
+	TODO: check
+CVE-2025-53119 (An unauthenticated unrestricted file upload vulnerability allows an at ...)
+	TODO: check
+CVE-2025-53118 (An authentication bypass vulnerability exists which allows an unauthen ...)
+	TODO: check
+CVE-2025-53085 (A memory corruption vulnerability exists in the PSD RLE Decoding funct ...)
+	TODO: check
+CVE-2025-52930 (A memory corruption vulnerability exists in the BMPv3 RLE Decoding fun ...)
+	TODO: check
+CVE-2025-52456 (A memory corruption vulnerability exists in the WebP Image Decoding fu ...)
+	TODO: check
+CVE-2025-52130 (File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controll ...)
+	TODO: check
+CVE-2025-51281 (D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en` ...)
+	TODO: check
+CVE-2025-50900 (An issue was discovered in getrebuild/rebuild 4.0.4. The affected sour ...)
+	TODO: check
+CVE-2025-50722 (Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remot ...)
+	TODO: check
+CVE-2025-50383 (alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQ ...)
+	TODO: check
+CVE-2025-50129 (A memory corruption vulnerability exists in the PCX Image Decoding fun ...)
+	TODO: check
+CVE-2025-48303 (Cross-Site Request Forgery (CSRF) vulnerability in Kevin Langley Jr. P ...)
+	TODO: check
+CVE-2025-46407 (A memory corruption vulnerability exists in the BMPv3 Palette Decoding ...)
+	TODO: check
+CVE-2025-45968 (An issue in System PDV v1.0 allows a remote attacker to obtain sensiti ...)
+	TODO: check
+CVE-2025-44179 (Hitron CGNF-TWN 3.1.1.43-TWN-pre3 contains a command injection vulnera ...)
+	TODO: check
+CVE-2025-44178 (DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access  ...)
+	TODO: check
+CVE-2025-43960 (Adminer 4.8.1, when using Monolog for logging, allows a Denial of Serv ...)
+	TODO: check
+CVE-2025-3478 (A Stored Cross-Site Scripting (XSS) vulnerability has been identified  ...)
+	TODO: check
+CVE-2025-3456 (On affected platforms running Arista EOS, the global common encryption ...)
+	TODO: check
+CVE-2025-35984 (A memory corruption vulnerability exists in the PCX Image Decoding fun ...)
+	TODO: check
+CVE-2025-32468 (A memory corruption vulnerability exists in the BMPv3 Image Decoding f ...)
+	TODO: check
+CVE-2025-29525 (DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5- ...)
+	TODO: check
+CVE-2025-29524 (Incorrect access control in the component /cgi-bin/system_diagnostic_m ...)
+	TODO: check
+CVE-2025-29523 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discover ...)
+	TODO: check
+CVE-2025-29522 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discover ...)
+	TODO: check
+CVE-2025-29521 (Insecure default credentials for the Adminsitrator account of D-Link D ...)
+	TODO: check
+CVE-2025-29520 (Incorrect access control in the Maintenance module of D-Link DSL-7740C ...)
+	TODO: check
+CVE-2025-29519 (A command injection vulnerability in the EXE parameter of D-Link DSL-7 ...)
+	TODO: check
+CVE-2025-29517 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discover ...)
+	TODO: check
+CVE-2025-29516 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discover ...)
+	TODO: check
+CVE-2025-29515 (Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7 ...)
+	TODO: check
+CVE-2025-29514 (Incorrect access control in the config.xgi function of D-Link DSL-7740 ...)
+	TODO: check
+CVE-2025-29421 (PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the ge ...)
+	TODO: check
+CVE-2025-29420 (PerfreeBlog v4.0.11 has a directory traversal vulnerability in the get ...)
+	TODO: check
+CVE-2024-46413 (Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery ...)
+	TODO: check
+CVE-2024-46412 (Incorrect access control in the prehandle function of Rebuild v3.7.7 a ...)
+	TODO: check
+CVE-2024-39923 (An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 befor ...)
+	TODO: check
+CVE-2023-47799 (Mahara before 22.10.4 and 23.x before 23.04.4 allows information discl ...)
+	TODO: check
+CVE-2025-53518 (An integer overflow vulnerability exists in the ABF parsing functional ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/d7d146b70b9b261b132dac7f9293271a4e8d481d/
-CVE-2025-53853
+CVE-2025-53853 (A heap-based buffer overflow vulnerability exists in the ISHNE parsing ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/bd1ed634059db8312ce521931bb90785723e5af9/
-CVE-2025-52581
+CVE-2025-52581 (An integer overflow vulnerability exists in the GDF parsing functional ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/0211292419ad9f1bf9693563692548a39491dad0/
-CVE-2025-54480
+CVE-2025-54480 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
-CVE-2025-54494
+CVE-2025-54494 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
-CVE-2025-53557
+CVE-2025-53557 (A heap-based buffer overflow vulnerability exists in the MFER parsing  ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
-CVE-2025-46411
+CVE-2025-46411 (A stack-based buffer overflow vulnerability exists in the MFER parsing ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
-CVE-2025-53511
+CVE-2025-53511 (A heap-based buffer overflow vulnerability exists in the MFER parsing  ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/ba2f1c381b10f5ab50c94be3291b2560af0f7a96/
-CVE-2025-52461
+CVE-2025-52461 (An out-of-bounds read vulnerability exists in the Nex parsing function ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/6c6be44f302156c53a1c305d54ea1705e5f9054d/
-CVE-2025-54462
+CVE-2025-54462 (A heap-based buffer overflow vulnerability exists in the Nex parsing f ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/6c6be44f302156c53a1c305d54ea1705e5f9054d/
-CVE-2025-48005
+CVE-2025-48005 (A heap-based buffer overflow vulnerability exists in the RHS2000 parsi ...)
 	- biosig <unfixed>
 	NOTE: https://sourceforge.net/p/biosig/mailman/message/59224259/
 	NOTE: https://sourceforge.net/p/biosig/code/ci/cc49acf59adac883e1a4fadacc3e095de091eadd/
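Review bot: The thirteen new `TODO: check` entries CVE-2025-54481 through CVE-2025-54493 should be triaged as one batch. Each carries the same truncated description ("A stack-based buffer overflow vulnerability exists in the MFER parsing ...") as CVE-2025-54480 and CVE-2025-54494 at the end of this hunk, and both of those are already tracked as `- biosig <unfixed>` with the same upstream commit NOTE. Judging from the matching text and the contiguous ID range, they most likely belong to biosig as well. Confirming that against the full descriptions and reusing the existing biosig annotation would avoid fifteen separate lookups. Separately, the CVE-2025-6737 description contains a literal `\u2019` escape where an apostrophe is expected, which suggests the description import is not decoding that character.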
@@ -658,7 +820,7 @@ CVE-2024-58239 (In the Linux kernel, the following vulnerability has been resolv
 	[bookworm] - linux 6.1.82-1
 	[bullseye] - linux 5.10.216-1
 	NOTE: https://git.kernel.org/linus/fdfbaec5923d9359698cbb286bc0deadbb717504 (6.8-rc6)
-CVE-2025-8678 (The WP Crontrol plugin for WordPress is vulnerable to Server-Side Requ ...)
+CVE-2025-8678 (The WP Crontrol plugin for WordPress is vulnerable to blind Server-Sid ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-8281 (The WP Talroo WordPress plugin through 2.4 does not sanitise and escap ...)
 	NOT-FOR-US: WordPress plugin
@@ -1026,7 +1188,7 @@ CVE-2025-9238 (A vulnerability was determined in Swatadru Exam-Seating-Arrangeme
 	NOT-FOR-US: Swatadru Exam-Seating-Arrangement
 CVE-2025-9237 (A vulnerability was found in CodeAstro Ecommerce Website 1.0. This imp ...)
 	NOT-FOR-US: CodeAstro
-CVE-2025-9236 (A vulnerability has been found in Portabilis i-Diario up to 2.10. This ...)
+CVE-2025-9236 (A vulnerability has been found in Portabilis i-Educar up to 2.10. This ...)
 	NOT-FOR-US: Portabilis
 CVE-2025-9235 (A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element ...)
 	NOT-FOR-US: Scada-LTS
@@ -1789,7 +1951,7 @@ CVE-2025-43738 (A reflected cross-site scripting (XSS) vulnerability in the Life
 	NOT-FOR-US: Liferay
 CVE-2025-43737 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
 	NOT-FOR-US: Liferay
-CVE-2025-41689 (An unauthenticated remote attacker can grant access without password p ...)
+CVE-2025-41689 (An unauthenticated remote attacker can get access without password pro ...)
 	NOT-FOR-US: Motherbox
 CVE-2025-41685 (A low-privileged remote attacker can obtain the username of another re ...)
 	NOT-FOR-US: SMA Solar Technology
@@ -2680,6 +2842,7 @@ CVE-2025-55207 (Astro is a web framework for content-driven websites. Following
 CVE-2025-55203 (Plane is open-source project management software. Prior to version 0.2 ...)
 	NOT-FOR-US: Plane
 CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, an ...)
+	{DLA-4282-1}
 	- firebird3.0 3.0.13.ds7-1 (bug #1111321)
 	[bookworm] - firebird3.0 <no-dsa> (Minor issue)
 	- firebird4.0 4.0.6.3221.ds6-1 (bug #1111320)
@@ -10869,6 +11032,7 @@ CVE-2025-53644 (OpenCV is an Open Source Computer Vision Library. Versions prior
 CVE-2024-6234
 	NOT-FOR-US: Ansible Automation Platform
 CVE-2025-7700 [NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c)]
+	{DSA-5985-1}
 	- ffmpeg <unfixed>
 	[trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 7.1 branch)
 	[bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 4.3 branch)
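Review bot: With `{DSA-5985-1}` added to CVE-2025-7700, the entry now cross-references a published advisory while the context lines below it still read `- ffmpeg <unfixed>` and `[trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 7.1 branch)`. The hunk does not show which release the DSA covers, so it is worth checking the per-release lines against the advisory. If the DSA's upload targets trixie, the `<postponed>` annotation is stale and should be dropped. If it targets another release, the entry is consistent as it stands.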
@@ -60937,7 +61101,7 @@ CVE-2025-22920 (A heap buffer overflow vulnerability in FFmpeg before commit 4bf
 	NOTE: Introduced with: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/545de54e3e0ce5ad1285aa5e111e6657ad803f79
 	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4bf784c0e5615c3f934e677d5de093a8be7da7ae
 CVE-2025-22919 (A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 ...)
-	{DLA-4073-1}
+	{DSA-5985-1 DLA-4073-1}
 	- ffmpeg 7:7.1.1-1
 	NOTE: https://trac.ffmpeg.org/ticket/11385
 	NOTE: Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1446e37d3d032e1452844778b3e6ba2c20f0c322
@@ -62770,7 +62934,7 @@ CVE-2024-57951 (In the Linux kernel, the following vulnerability has been resolv
 	- linux 6.12.11-1
 	[bookworm] - linux 6.1.128-1
 	NOTE: https://git.kernel.org/linus/2f8dea1692eef2b7ba6a256246ed82c365fdc686 (6.13)
-CVE-2025-26467
+CVE-2025-26467 (Privilege Defined With Unsafe Actions vulnerability in Apache Cassandr ...)
 	- cassandra <itp> (bug #585905)
 CVE-2024-31068 (Improper Finite State Machines (FSMs) in Hardware Logic for some Intel ...)
 	{DLA-4095-1}
@@ -70184,7 +70348,7 @@ CVE-2025-20621 (Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <
 CVE-2025-20072 (Mattermost Mobile versions <= 2.22.0 fail to properly validate the sty ...)
 	NOT-FOR-US: Mattermost Mobile
 CVE-2025-0518 (Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg all ...)
-	{DLA-4073-1}
+	{DSA-5985-1 DLA-4073-1}
 	- ffmpeg 7:7.1.1-1
 	NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a
 	NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/b827ac49b770635fc666f8543cb9585e1bc6308b (n7.1.1)
@@ -84048,12 +84212,12 @@ CVE-2024-35369 (In FFmpeg version n6.1.1, specifically within the avcodec/speexd
 	[bullseye] - ffmpeg <not-affected> (native speex decode introduced in v5.0)
 	NOTE: https://github.com/ffmpeg/ffmpeg/commit/0895ef0d6d6406ee6cd158fc4d47d80f201b8e9c (n7.0)
 CVE-2024-35368 (FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame  ...)
-	{DLA-4039-1}
+	{DSA-5985-1 DLA-4039-1}
 	- ffmpeg 7:7.1-3
 	NOTE: https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c (n7.1)
 	NOTE: https://github.com/ffmpeg/ffmpeg/commit/d45964ac04a83f02cb6ddc63af6d0b646c7d9082 (n5.1.7)
 CVE-2024-35367 (FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_alti ...)
-	{DLA-4039-1}
+	{DSA-5985-1 DLA-4039-1}
 	- ffmpeg 7:7.0.1-3
 	NOTE: https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667 (n7.0)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/1a874e645d4a0adef9b494482fc67d12d35395cd (n5.1.7)
@@ -118243,7 +118407,7 @@ CVE-2024-6791 (A directory path traversal vulnerability exists when loading a vs
 	NOT-FOR-US: NI VeriStand
 CVE-2024-6717 (HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 arc ...)
 	- nomad <removed>
-CVE-2024-6420 (The Hide My WP Ghost  WordPress plugin before 5.2.02 does not prevent  ...)
+CVE-2024-6420 (The Hide My WP Ghost WordPress plugin before 5.2.02 does not prevent r ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6231 (The Request a Quote WordPress plugin before 2.4.1 does not sanitise an ...)
 	NOT-FOR-US: WordPress plugin
@@ -148074,6 +148238,7 @@ CVE-2023-50009 (FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/c443658d26d2b8e19901f9507a890e0efca79056 (n7.0)
 	NOTE: https://trac.ffmpeg.org/ticket/10699
 CVE-2023-50008 (FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the c ...)
+	{DSA-5985-1}
 	[experimental] - ffmpeg 7:7.0-1
 	- ffmpeg 7:7.0.1-3
 	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -148082,6 +148247,7 @@ CVE-2023-50008 (FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/28a7db723971c73f02ab5ad5f0a45fa288775e0a (n5.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/10701
 CVE-2023-50007 (FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a par ...)
+	{DSA-5985-1}
 	[experimental] - ffmpeg 7:7.0-1
 	- ffmpeg 7:7.0.1-3
 	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -148092,7 +148258,7 @@ CVE-2023-50007 (FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of
 CVE-2023-49963 (DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-c ...)
 	NOT-FOR-US: DYMO LabelWriter Print Server
 CVE-2023-49502 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a  ...)
-	{DLA-3928-1}
+	{DSA-5985-1 DLA-3928-1}
 	[experimental] - ffmpeg 7:7.0-1
 	- ffmpeg 7:7.0.1-3
 	[buster] - ffmpeg <postponed> (Pick up when fixed in most related branch)
@@ -148594,6 +148760,7 @@ CVE-2024-31583 (Pytorch before version v2.2.0 was discovered to contain a use-af
 	[bullseye] - pytorch <no-dsa> (Minor issue)
 	NOTE: https://github.com/pytorch/pytorch/commit/9c7071b0e324f9fb68ab881283d6b8d388a4bcd2
 CVE-2024-31582 (FFmpeg version n6.1 was discovered to contain a heap buffer overflow v ...)
+	{DSA-5985-1}
 	[experimental] - ffmpeg 7:7.0-1
 	- ffmpeg 7:7.0.1-3
 	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/188d3657ae84438b3c633715625a83ddcc1a2f5f
