[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69217/coturn
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 30 08:29:59 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5579db3a by Salvatore Bonaccorso at 2025-12-30T09:29:30+01:00
Add CVE-2025-69217/coturn
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,10 @@ CVE-2025-69235 (Whale browser before 4.35.351.12 allows an attacker to bypass th
CVE-2025-69234 (Whale browser before 4.35.351.12 allows an attacker to escape the ifra ...)
NOT-FOR-US: Whale browser
CVE-2025-69217 (coturn is a free open source implementation of TURN and STUN Server. V ...)
- TODO: check
+ - coturn <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/coturn/coturn/security/advisories/GHSA-fvj6-9jhg-9j84
+ NOTE: Introduced with: https://github.com/coturn/coturn/commit/88ced471385869d7e7fbbc4766e78ef521b36af6 (4.6.3)
+ NOTE: Fixed by: https://github.com/coturn/coturn/commit/11fc465f4bba70bb0ad8aae17d6c4a63a29917d9
CVE-2025-69205 (Micro Registration Utility (\xb5URU) is a telephone self registration ...)
NOT-FOR-US: Micro Registration Utility
CVE-2025-68860 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5579db3adbc091842f551d1146d292d7d0189efa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5579db3adbc091842f551d1146d292d7d0189efa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251230/43436bb8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list