[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13912/wolfssl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 11 20:48:53 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9178c89c by Salvatore Bonaccorso at 2025-12-11T21:48:02+01:00
Add CVE-2025-13912/wolfssl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -267,7 +267,11 @@ CVE-2025-14265 (In versions of ScreenConnect\u2122 prior to 25.8, server-side va
CVE-2025-14046 (An improper neutralization of input vulnerability was identified in Gi ...)
NOT-FOR-US: Github Enterprise Server
CVE-2025-13912 (Multiple constant-time implementations in wolfSSL before version 5.8.4 ...)
- TODO: check
+ - wolfssl 5.8.4-1
+ [trixie] - wolfssl <no-dsa> (Minor issue)
+ [bookworm] - wolfssl <no-dsa> (Minor issue)
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9148
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/234ba7780ad3b7c8c1509973accdc43ed6c328b3 (v5.8.4-stable)
CVE-2025-13780 (pgAdmin versions up to 9.10 are affected by a Remote Code Execution (R ...)
- pgadmin4 <itp> (bug #834129)
CVE-2025-13481 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticat ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9178c89cc6990aacf438e2200d9edf03e20cd89a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9178c89cc6990aacf438e2200d9edf03e20cd89a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251211/8d9ad01f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list