[Git][security-tracker-team/security-tracker][master] CVE-2025-68920/ckermit assigend

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 25 08:30:44 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6c1681a7 by Salvatore Bonaccorso at 2025-12-25T09:30:22+01:00
CVE-2025-68920/ckermit assigend

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,8 +2,6 @@ CVE-2025-8769 (Telenium Online Web Application is vulnerable due to a Perl scrip
 	NOT-FOR-US: Telenium Online Web Application
 CVE-2025-68922 (OpenOps before 0.6.11 allows remote code execution in the Terraform bl ...)
 	NOT-FOR-US: OpenOps
-CVE-2025-68920 (C-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 24 ...)
-	TODO: check
 CVE-2025-68919 (Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Managem ...)
 	TODO: check
 CVE-2025-68917 (ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment ...)
@@ -5343,11 +5341,12 @@ CVE-2025-14282 [privilege escalation via unix stream socket forwarding]
 	NOTE: https://github.com/turistu/odds-n-ends/blob/main/CVE-2025-14282.md
 CVE-2025-14439
 	NOT-FOR-US: OpenUSD
-CVE-2025-XXXX [Malicious remote can overwrite and exfiltrate local files]
+CVE-2025-68920 [Malicious remote can overwrite and exfiltrate local files]
 	- ckermit 416~beta12-5 (bug #1123025)
 	[trixie] - ckermit <no-dsa> (Minor issue; documented; can be fixed via point release)
 	[bookworm] - ckermit <no-dsa> (Minor issue; documented; can be fixed via point release)
 	[bullseye] - ckermit <postponed> (Minor issue; documented)
+	NOTE: https://github.com/KermitProject/ckermit/pull/20
 CVE-2025-67809 (An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A ...)
 	NOT-FOR-US: Zimbra
 CVE-2025-66963 (An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obt ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c1681a7e671b7b47b8f89e2bf64f39722f94113

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c1681a7e671b7b47b8f89e2bf64f39722f94113
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251225/4217c67f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list