[Git][security-tracker-team/security-tracker][master] Add CVE-2025-57804/python-h2
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 26 19:52:41 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9d70220b by Salvatore Bonaccorso at 2025-08-26T20:52:11+02:00
Add CVE-2025-57804/python-h2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -78,7 +78,9 @@ CVE-2025-57809 (XGrammar is an open-source library for efficient, flexible, and
CVE-2025-57805 (The Scratch Channel is a news website. In versions 1 and 1.1, a POST r ...)
NOT-FOR-US: The Scratch Channel
CVE-2025-57804 (h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior t ...)
- TODO: check
+ - python-h2 <unfixed>
+ NOTE: https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h
+ NOTE: https://github.com/python-hyper/h2/commit/035e9899f95e3709af098f578bfc3cd302298e3a (v4.3.0)
CVE-2025-57704 (Delta Electronics EIP Builder version 1.11 is vulnerable to a File Par ...)
NOT-FOR-US: Delta Electronics
CVE-2025-53419 (Delta Electronics COMMGR has Code Injection vulnerability.)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d70220b80239c4cfbee6f0fbdf29cad20acd0ae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d70220b80239c4cfbee6f0fbdf29cad20acd0ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250826/ad8950f0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list