[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 18 20:13:16 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
db82479c by security tracker role at 2025-12-18T20:13:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,10 +1,250 @@
-CVE-2025-68325 [net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop]
+CVE-2025-9787 (Zohocorp ManageEngine Applications Manager versions 177400 and below a ...)
+ TODO: check
+CVE-2025-7358 (Use of Hard-coded Credentials vulnerability in Utarit Informatics Serv ...)
+ TODO: check
+CVE-2025-7047 (Missing Authorization vulnerability in Utarit Informatics Services Inc ...)
+ TODO: check
+CVE-2025-68469 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2025-68278 (Tina is a headless content management system. In tinacms prior to vers ...)
+ TODO: check
+CVE-2025-67745 (MyHoard is a daemon for creating, managing and restoring MySQL backups ...)
+ TODO: check
+CVE-2025-66058 (Missing Authorization vulnerability in PickPlugins Post Grid and Guten ...)
+ TODO: check
+CVE-2025-65568 (A denial-of-service vulnerability exists in the omec-project UPF (pfcp ...)
+ TODO: check
+CVE-2025-65567 (A denial-of-service vulnerability exists in the omec-project UPF (pfcp ...)
+ TODO: check
+CVE-2025-65566 (A denial-of-service vulnerability exists in the omec-project UPF (pfcp ...)
+ TODO: check
+CVE-2025-65565 (A denial-of-service vulnerability exists in the omec-project UPF (pfcp ...)
+ TODO: check
+CVE-2025-65564 (A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcp ...)
+ TODO: check
+CVE-2025-65563 (A denial-of-service vulnerability exists in the omec-project UPF (comp ...)
+ TODO: check
+CVE-2025-65562 (The free5GC UPF suffers from a lack of bounds checking on the SEID whe ...)
+ TODO: check
+CVE-2025-65561 (An issue was discovered in function LocalNode.Sess in free5GC 4.1.0 al ...)
+ TODO: check
+CVE-2025-65559 (An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing ...)
+ TODO: check
+CVE-2025-65011 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) an u ...)
+ TODO: check
+CVE-2025-65010 (WODESYSWD-R608U router (also known as WDR122B V2.0 and WDR28) is vulne ...)
+ TODO: check
+CVE-2025-65009 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28)admin ...)
+ TODO: check
+CVE-2025-65008 (In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28)due t ...)
+ TODO: check
+CVE-2025-65007 (In WODESYS WD-R608U router (also known asWDR122B V2.0 and WDR28) due t ...)
+ TODO: check
+CVE-2025-65000 (SSH private keys of the "Remote alert handlers (Linux)" rule were expo ...)
+ TODO: check
+CVE-2025-64997 (Insufficient permission validation in Checkmk versions prior to 2.4.0p ...)
+ TODO: check
+CVE-2025-64724 (Arduino IDE is an integrated development environment. Prior to version ...)
+ TODO: check
+CVE-2025-64723 (Arduino IDE is an integrated development environment. Prior to version ...)
+ TODO: check
+CVE-2025-64469 (There is a stack-based buffer overflow vulnerability in NI LabVIEW in ...)
+ TODO: check
+CVE-2025-64468 (There is a use-after-free vulnerability in sentry!sentry_span_set_data ...)
+ TODO: check
+CVE-2025-64467 (There is an out of bounds read vulnerability in NI LabVIEW in LVResFil ...)
+ TODO: check
+CVE-2025-64466 (There is an out of bounds read vulnerability in NI LabVIEW in lvre!Exe ...)
+ TODO: check
+CVE-2025-64465 (There is an out of bounds read vulnerability in NI LabVIEW in lvre!Dat ...)
+ TODO: check
+CVE-2025-64464 (There is an out of bounds read vulnerability in NI LabVIEW in lvre!Vis ...)
+ TODO: check
+CVE-2025-64463 (There is an out of bounds read vulnerability in NI LabVIEW in LVResour ...)
+ TODO: check
+CVE-2025-64462 (There is an out of bounds read vulnerability in NI LabVIEW in LVResFil ...)
+ TODO: check
+CVE-2025-64461 (There is an out of bounds write vulnerability in NI LabVIEW in mgocre_ ...)
+ TODO: check
+CVE-2025-64400 (Control Panel provides an API for pre-registering into an enrollment ...)
+ TODO: check
+CVE-2025-64355 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-64282 (Authorization Bypass Through User-Controlled Key vulnerability in Radi ...)
+ TODO: check
+CVE-2025-64236 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2025-64235 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-63757 (Integer overflow vulnerability in the yuv2ya16_X_c_template function i ...)
+ TODO: check
+CVE-2025-63391 (An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 i ...)
+ TODO: check
+CVE-2025-63390 (An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in ...)
+ TODO: check
+CVE-2025-63389 (A critical authentication bypass vulnerability exists in Ollama platfo ...)
+ TODO: check
+CVE-2025-63388 (A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability ...)
+ TODO: check
+CVE-2025-63387 (Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated ...)
+ TODO: check
+CVE-2025-63386 (A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability ...)
+ TODO: check
+CVE-2025-63043 (Authorization Bypass Through User-Controlled Key vulnerability in Pick ...)
+ TODO: check
+CVE-2025-63002 (Missing Authorization vulnerability in wpforchurch Sermon Manager allo ...)
+ TODO: check
+CVE-2025-62998 (Insertion of Sensitive Information Into Sent Data vulnerability in WP ...)
+ TODO: check
+CVE-2025-62961 (Missing Authorization vulnerability in Sparkle WP Sparkle FSE allows E ...)
+ TODO: check
+CVE-2025-62960 (Missing Authorization vulnerability in Sparkle WP Construction Light a ...)
+ TODO: check
+CVE-2025-59949 (FreshRSS is a free, self-hostable RSS aggregator. Versions prior to 1. ...)
+ TODO: check
+CVE-2025-56157 (Default credentials in Dify thru 1.5.1. PostgreSQL username and passwo ...)
+ TODO: check
+CVE-2025-40898 (A path traversal vulnerability was discovered in the Import Arc data a ...)
+ TODO: check
+CVE-2025-40893 (A Stored HTML Injection vulnerability was discovered in the Asset List ...)
+ TODO: check
+CVE-2025-40892 (A Stored Cross-Site Scripting vulnerability was discovered in the Repo ...)
+ TODO: check
+CVE-2025-40891 (A Stored HTML Injection vulnerability was discovered in the Time Machi ...)
+ TODO: check
+CVE-2025-40602 (A local privilege escalation vulnerability due to insufficient authori ...)
+ TODO: check
+CVE-2025-1031 (Authorization Bypass Through User-Controlled Key vulnerability in Utar ...)
+ TODO: check
+CVE-2025-1030 (Exposure of Private Personal Information to an Unauthorized Actor vuln ...)
+ TODO: check
+CVE-2025-1029 (Use of Hard-coded Credentials vulnerability in Utarit Information Serv ...)
+ TODO: check
+CVE-2025-14896 (due to insufficient sanitazation in Vega\u2019s `convert()` function w ...)
+ TODO: check
+CVE-2025-14889 (A security flaw has been discovered in Campcodes Advanced Voting Manag ...)
+ TODO: check
+CVE-2025-14885 (A flaw has been found in SourceCodester Client Database Management Sys ...)
+ TODO: check
+CVE-2025-14884 (A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by t ...)
+ TODO: check
+CVE-2025-14879 (A weakness has been identified in Tenda WH450 1.0.0.18. Affected is an ...)
+ TODO: check
+CVE-2025-14878 (A security flaw has been discovered in Tenda WH450 1.0.0.18. This impa ...)
+ TODO: check
+CVE-2025-14877 (A vulnerability was identified in Campcodes Supplier Management System ...)
+ TODO: check
+CVE-2025-14874 (A flaw was found in Nodemailer. This vulnerability allows a denial of ...)
+ TODO: check
+CVE-2025-14861 (Memory safety bugs present in Firefox 146. Some of these bugs showed e ...)
+ TODO: check
+CVE-2025-14860 (Use-after-free in the Disability Access APIs component. This vulnerabi ...)
+ TODO: check
+CVE-2025-14823 (In deployments using the ScreenConnect\u2122 Certificate Signing Exten ...)
+ TODO: check
+CVE-2025-14744 (Unicode RTLO characters could allow malicious websites to spoof filena ...)
+ TODO: check
+CVE-2025-14739 (Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR ...)
+ TODO: check
+CVE-2025-14738 (Improper authentication vulnerability in TP-Link WA850RE (httpd module ...)
+ TODO: check
+CVE-2025-14737 (Command Injection vulnerability in TP-Link WA850RE (httpd modules) all ...)
+ TODO: check
+CVE-2025-14618 (The Sweet Energy Efficiency plugin for WordPress is vulnerable to unau ...)
+ TODO: check
+CVE-2025-14437 (The Hummingbird Performance plugin for WordPress is vulnerable to Sens ...)
+ TODO: check
+CVE-2025-14364 (The Demo Importer Plus plugin for WordPress is vulnerable to unauthori ...)
+ TODO: check
+CVE-2025-14277 (The Prime Slider \u2013 Addons for Elementor plugin for WordPress is v ...)
+ TODO: check
+CVE-2025-13730 (The OpenID Connect Generic Client plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2025-13641 (The Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN Gallery ...)
+ TODO: check
+CVE-2025-13110 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
+ TODO: check
+CVE-2025-10910 (A flaw in the binding process of Govee\u2019s cloud platform and devic ...)
+ TODO: check
+CVE-2024-58323 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2024-58322 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2024-58321 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2024-58320 (An information disclosure vulnerability in Kentico Xperience allows pu ...)
+ TODO: check
+CVE-2024-58319 (A reflected cross-site scripting vulnerability in Kentico Xperience al ...)
+ TODO: check
+CVE-2024-58318 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2024-58317 (A cookie security configuration vulnerability in Kentico Xperience all ...)
+ TODO: check
+CVE-2023-53944 (EasyPHP Webserver 14.1 contains a path traversal vulnerability that al ...)
+ TODO: check
+CVE-2023-53943 (GLPI 9.5.7 contains a username enumeration vulnerability in the lost p ...)
+ TODO: check
+CVE-2023-53942 (File Thingie 2.5.7 contains an authenticated file upload vulnerability ...)
+ TODO: check
+CVE-2023-53941 (EasyPHP Webserver 14.1 contains an OS command injection vulnerability ...)
+ TODO: check
+CVE-2023-53940 (Codigo Markdown Editor 1.0.1 contains a code execution vulnerability t ...)
+ TODO: check
+CVE-2023-53939 (TinyWebGallery v2.5 contains a stored cross-site scripting vulnerabili ...)
+ TODO: check
+CVE-2023-53938 (RockMongo 1.1.7 contains a stored cross-site scripting vulnerability t ...)
+ TODO: check
+CVE-2023-53937 (Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability th ...)
+ TODO: check
+CVE-2023-53936 (Cameleon CMS 2.7.4 contains a persistent cross-site scripting vulnerab ...)
+ TODO: check
+CVE-2023-53935 (WBiz Desk 1.2 contains a SQL injection vulnerability that allows non-a ...)
+ TODO: check
+CVE-2023-53934 (A denial of service vulnerability in Kentico Xperience allows attacker ...)
+ TODO: check
+CVE-2023-53738 (A reflected cross-site scripting vulnerability in Kentico Xperience al ...)
+ TODO: check
+CVE-2023-53737 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2023-53736 (A reflected cross-site scripting vulnerability in Kentico Xperience al ...)
+ TODO: check
+CVE-2022-50686 (An information disclosure vulnerability in Kentico Xperience allows at ...)
+ TODO: check
+CVE-2022-50685 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2022-50684 (An HTML injection vulnerability in Kentico Xperience allows attackers ...)
+ TODO: check
+CVE-2022-50683 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2022-50682 (A CRLF injection vulnerability in Kentico Xperience allows attackers t ...)
+ TODO: check
+CVE-2022-50681 (A reflected cross-site scripting vulnerability in Kentico Xperience al ...)
+ TODO: check
+CVE-2022-50680 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2021-47712 (A cryptography vulnerability in Kentico Xperience allows attackers to ...)
+ TODO: check
+CVE-2021-47711 (A SQL injection vulnerability in Kentico Xperience allows authenticate ...)
+ TODO: check
+CVE-2020-36891 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2020-36890 (An access control bypass vulnerability in Kentico Xperience allows adm ...)
+ TODO: check
+CVE-2020-36889 (A stored cross-site scripting vulnerability in Kentico Xperience allow ...)
+ TODO: check
+CVE-2019-25230 (An information disclosure vulnerability in Kentico Xperience allows au ...)
+ TODO: check
+CVE-2019-25229 (An unrestricted file upload vulnerability in Kentico Xperience allows ...)
+ TODO: check
+CVE-2019-25228 (An information disclosure vulnerability in Kentico Xperience allows at ...)
+ TODO: check
+CVE-2025-68325 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/9fefc78f7f02d71810776fdeb119a05a946a27cc (6.19-rc1)
-CVE-2025-68324 [scsi: imm: Fix use-after-free bug caused by unfinished delayed work]
+CVE-2025-68324 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ab58153ec64fa3fc9aea09ca09dc9322e0b54a7c (6.19-rc1)
-CVE-2025-68323 [usb: typec: ucsi: fix use-after-free caused by uec->work]
+CVE-2025-68323 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -2369,10 +2609,12 @@ CVE-2025-14652 (A vulnerability was found in itsourcecode Online Cake Ordering S
CVE-2025-14651 (A vulnerability has been found in MartialBE one-hub up to 0.14.27. Thi ...)
NOT-FOR-US: MartialBE one-hub
CVE-2025-68461 (Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cr ...)
+ {DLA-4415-1}
- roundcube 1.6.12+dfsg-1 (bug #1122899)
NOTE: https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/bfa032631c36b900e7444dfa278340b33cbf7cdb (1.6.12)
CVE-2025-68460 (Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a in ...)
+ {DLA-4415-1}
- roundcube 1.6.12+dfsg-1 (bug #1122899)
NOTE: https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
NOTE: Fixed by: https://github.com/roundcube/roundcubemail/commit/08de250fba731b634bed188bbe18d2f6ef3c7571 (1.6.12)
@@ -2410,7 +2652,7 @@ CVE-2025-12696 (The HelloLeads CRM Form Shortcode WordPress plugin through 1.0 d
NOT-FOR-US: WordPress plugin
CVE-2025-12537 (The Addon Elements for Elementor plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-67896 (Exim before 4.99.1 allows remote heap corruption that will be further ...)
+CVE-2025-67896 (Exim before 4.99.1, with certain non-default rate-limit configurations ...)
- exim4 4.99-7
[trixie] - exim4 <not-affected> (Vulnerable code not present)
[bookworm] - exim4 <not-affected> (Vulnerable code not present)
@@ -2536,7 +2778,7 @@ CVE-2025-46276 (An information disclosure issue was addressed with improved priv
CVE-2025-43542 (This issue was addressed with improved state management. This issue is ...)
NOT-FOR-US: Apple
CVE-2025-43541 (A type confusion issue was addressed with improved state handling. Thi ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2548,7 +2790,7 @@ CVE-2025-43539 (The issue was addressed with improved bounds checks. This issue
CVE-2025-43538 (A logging issue was addressed with improved data redaction. This issue ...)
NOT-FOR-US: Apple
CVE-2025-43536 (A use-after-free issue was addressed with improved memory management. ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2556,7 +2798,7 @@ CVE-2025-43536 (A use-after-free issue was addressed with improved memory manage
[bullseye] - wpewebkit <end-of-life> (see #1035997)
NOTE: https://webkitgtk.org/security/WSA-2025-0010.html
CVE-2025-43535 (The issue was addressed with improved memory handling. This issue is f ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2566,7 +2808,7 @@ CVE-2025-43535 (The issue was addressed with improved memory handling. This issu
CVE-2025-43532 (A memory corruption issue was addressed with improved bounds checking. ...)
NOT-FOR-US: Apple
CVE-2025-43531 (A race condition was addressed with improved state handling. This issu ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2576,7 +2818,7 @@ CVE-2025-43531 (A race condition was addressed with improved state handling. Thi
CVE-2025-43530 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
CVE-2025-43529 (A use-after-free issue was addressed with improved memory management. ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2614,7 +2856,7 @@ CVE-2025-43509 (This issue was addressed with improved data protection. This iss
CVE-2025-43506 (A logic error was addressed with improved error handling. This issue i ...)
NOT-FOR-US: Apple
CVE-2025-43501 (A buffer overflow issue was addressed with improved memory handling. T ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
[trixie] - wpewebkit <ignored> (wpewebkit not covered by security support in Trixie)
@@ -2851,7 +3093,7 @@ CVE-2025-14565 (A vulnerability was identified in kidaze CourseSelectionSystem u
CVE-2025-14442 (The Secure Copy Content Protection and Content Locking plugin for Word ...)
NOT-FOR-US: WordPress plugin
CVE-2025-14174 (Out of bounds memory access in ANGLE in Google Chrome on Mac prior to ...)
- {DSA-6083-1}
+ {DSA-6083-1 DLA-4414-1}
- chromium <not-affected> (Only affects Chromium on MacOS)
- webkit2gtk 2.50.4-1
- wpewebkit 2.50.4-1
@@ -6109,6 +6351,7 @@ CVE-2022-50631 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96df59b1ae23f5c11698c3c2159aeb2ecd4944a4 (6.2-rc1)
CVE-2025-62408 (c-ares is an asynchronous resolver library. Versions 1.32.3 through 1. ...)
+ {DSA-6084-1}
- c-ares 1.34.6-1
[bookworm] - c-ares <not-affected> (Vulnerable code introduced later)
[bullseye] - c-ares <not-affected> (Vulnerable code introduced later)
@@ -278415,10 +278658,10 @@ CVE-2023-23608 (Spotipy is a light weight Python library for the Spotify Web API
NOT-FOR-US: Spotipy
CVE-2023-23607 (erohtar/Dasherr is a dashboard for self-hosted services. In affected v ...)
NOT-FOR-US: Dasherr
-CVE-2023-23606 (Memory safety bugs present in Firefox 108. Some of these bugs showed e ...)
+CVE-2023-23606 (Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...)
- firefox 109.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23606
-CVE-2023-23605 (Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some ...)
+CVE-2023-23605 (Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...)
{DSA-5355-1 DSA-5322-1 DLA-3324-1 DLA-3275-1}
- firefox 109.0-1
- firefox-esr 102.7.0esr-1
@@ -278426,7 +278669,7 @@ CVE-2023-23605 (Memory safety bugs present in Firefox 108 and Firefox ESR 102.6.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23605
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23605
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/#CVE-2023-23605
-CVE-2023-23604 (A duplicate <code>SystemPrincipal</code> object could be created when ...)
+CVE-2023-23604 (A duplicate `SystemPrincipal` object could be created when parsing a n ...)
- firefox 109.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/#CVE-2023-23604
CVE-2023-23603 (Regular expressions used to filter out forbidden properties and values ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db82479c6bf281c766ed8b069ba87fd463cae96a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db82479c6bf281c766ed8b069ba87fd463cae96a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251218/b728ff17/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list