[Git][security-tracker-team/security-tracker][master] Add CVE-2025-60458/uxplay
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 29 20:37:31 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1cfa3adf by Salvatore Bonaccorso at 2025-12-29T21:37:05+01:00
Add CVE-2025-60458/uxplay
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -63,7 +63,9 @@ CVE-2025-65570 (A type confusion in jsish 2.0 allows incorrect control flow duri
CVE-2025-65442 (DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel ...)
TODO: check
CVE-2025-60458 (UxPlay 1.72 contains a double free vulnerability in its RTSP request h ...)
- TODO: check
+ - uxplay <unfixed>
+ NOTE: https://github.com/0pepsi/CVE-2025-60458
+ TODO: check upstream status, possibly not reported
CVE-2025-57462 (Reflected Cross site scripting (xss) in machsol machpanel 8.0.32 allow ...)
TODO: check
CVE-2025-57460 (File upload vulnerability in machsol machpanel 8.0.32 allows attacker ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cfa3adfd364f186b9bb5f327a3ee6a5b7ac71d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cfa3adfd364f186b9bb5f327a3ee6a5b7ac71d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251229/4f902fb8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list