[Git][security-tracker-team/security-tracker][master] Add new issues for weblate, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 16 22:04:13 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d84d89e0 by Salvatore Bonaccorso at 2025-12-16T23:03:52+01:00
Add new issues for weblate, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -757,9 +757,9 @@ CVE-2025-67735 (Netty is an asynchronous, event-driven network application frame
 CVE-2025-67722 (FreePBX is an open-source web-based graphical user interface (GUI) tha ...)
 	NOT-FOR-US: FreePBX
 CVE-2025-67715 (Weblate is a web based localization tool. In versions prior to 5.15, i ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-67492 (Weblate is a web based localization tool. In versions prior to 5.15, i ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-66635 (Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Co ...)
 	NOT-FOR-US: SEIKO EPSON Web Config
 CVE-2025-66482 (Misskey is an open source, federated social media platform. Attackers  ...)
@@ -767,7 +767,7 @@ CVE-2025-66482 (Misskey is an open source, federated social media platform. Atta
 CVE-2025-66449 (ConvertXis a self-hosted online file converter. In versions prior to 0 ...)
 	NOT-FOR-US: ConvertXis
 CVE-2025-66407 (Weblate is a web based localization tool. The Create Component functio ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-66402 (Misskey is an open source, federated social media platform. Starting i ...)
 	NOT-FOR-US: Misskey
 CVE-2025-66357 (CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper che ...)
@@ -843,7 +843,7 @@ CVE-2025-65075 (WaveView client allows users to execute restricted set of predef
 CVE-2025-65074 (WaveView client allows users to execute restricted set of predefined c ...)
 	NOT-FOR-US: WaveView client
 CVE-2025-64725 (Weblate is a web based localization tool. In versions prior to 5.15, i ...)
-	TODO: check
+	- weblate <itp> (bug #745661)
 CVE-2025-64639 (Missing Authorization vulnerability in WP Compress WP Compress for Mai ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-64638 (Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommer ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d84d89e0ba6d4cf1e0847c2e10c8886fff50cbe1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d84d89e0ba6d4cf1e0847c2e10c8886fff50cbe1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251216/78f2c5b4/attachment.htm>

More information about the debian-security-tracker-commits mailing list