[Git][security-tracker-team/security-tracker][master] Add CVE-2025-25299/ckeditor, but keep it as undetermined for now
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 24 08:46:35 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
afa53cdb by Salvatore Bonaccorso at 2025-02-24T09:46:00+01:00
Add CVE-2025-25299/ckeditor, but keep it as undetermined for now
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -405,7 +405,10 @@ CVE-2025-25973 (A stored Cross Site Scripting vulnerability in the "related reco
CVE-2025-25968 (DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper acc ...)
NOT-FOR-US: DDSN Interactive cm3 Acora CMS
CVE-2025-25299 (CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ...)
- TODO: check
+ - ckeditor <undetermined>
+ NOTE: https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-j3mm-wmfm-mwvh
+ NOTE: https://ckeditor.com/docs/ckeditor5/latest/features/collaboration/real-time-collaboration/real-time-collaboration.html
+ TODO: check, specific to Version 5 and then not-affected
CVE-2025-24893 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
NOT-FOR-US: XWiki
CVE-2025-21106 (Dell Recover Point for Virtual Machines 6.0.X contains a Weak file sys ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afa53cdbd9820fff9821ca7660eb50ac1dc2f451
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afa53cdbd9820fff9821ca7660eb50ac1dc2f451
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250224/4e583ac3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list