[Git][security-tracker-team/security-tracker][master] Add new issues in mattermost-server, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 17 21:39:12 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9db6f084 by Salvatore Bonaccorso at 2025-12-17T22:38:42+01:00
Add new issues in mattermost-server, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,11 +47,11 @@ CVE-2025-65203 (KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stor
 CVE-2025-65185 (There is a username enumeration via local user login in Entrinsik Info ...)
 	TODO: check
 CVE-2025-62690 (Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2025-62521 (ChurchCRM is an open-source church management system. Prior to version ...)
 	TODO: check
 CVE-2025-62190 (Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2025-61736 (Successful exploitation of this vulnerability could result in the prod ...)
 	TODO: check
 CVE-2025-53919 (An issue was discovered in the Portrait Dell Color Management applicat ...)
@@ -105,17 +105,17 @@ CVE-2025-14081 (The Ultimate Member plugin for WordPress is vulnerable to Profil
 CVE-2025-13537 (The Live Composer \u2013 Free WordPress Website Builder plugin for Wor ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-13352 (Mattermost versions 10.11.x <= 10.11.6 and Mattermost GitHub plugin ve ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2025-13326 (Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Run ...)
 	TODO: check
 CVE-2025-13324 (Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2025-13321 (Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive info ...)
 	TODO: check
 CVE-2025-13217 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12689 (Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 1 ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2024-46062 (Miniconda3 macOS installers before 23.11.0-1 contain a local privilege ...)
 	TODO: check
 CVE-2024-46060 (Anaconda3 macOS installers before 2024.06-1 contain a local privilege  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9db6f084228d6092eddb86ba525789ea244b2aed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9db6f084228d6092eddb86ba525789ea244b2aed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251217/441f6236/attachment.htm>

More information about the debian-security-tracker-commits mailing list