[Git][security-tracker-team/security-tracker][master] Add CVE-2025-65637/golang-logrus
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 4 21:02:00 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
57be444a by Salvatore Bonaccorso at 2025-12-04T22:01:25+01:00
Add CVE-2025-65637/golang-logrus
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16,7 +16,12 @@ CVE-2025-65883 (A vulnerability has been identified in Genexis Platinum P4410 ro
CVE-2025-65806 (The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handl ...)
NOT-FOR-US: E-POINT CMS
CVE-2025-65637 (A denial-of-service vulnerability exists in github.com/sirupsen/logrus ...)
- TODO: check
+ - golang-logrus 1.9.3-1
+ NOTE: https://github.com/mjuanxd/logrus-dos-poc
+ NOTE: https://github.com/sirupsen/logrus/issues/1370
+ NOTE: https://github.com/sirupsen/logrus/pull/1384
+ NOTE: https://github.com/sirupsen/logrus/pull/1376
+ NOTE: Fixed by: https://github.com/sirupsen/logrus/commit/f9291a534cac1466d26414fd9e326381cd64ecef (v1.9.3)
CVE-2025-65516 (A stored cross-site scripting (XSS) vulnerability was discovered in Se ...)
TODO: check
CVE-2025-65346 (alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Direct ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57be444ac9493829e1d31f2079f867fb85854934
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57be444ac9493829e1d31f2079f867fb85854934
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251204/d3e03745/attachment.htm>
More information about the debian-security-tracker-commits
mailing list