[Git][security-tracker-team/security-tracker][master] Add CVE-2025-1795/python

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 28 20:43:05 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b0688ca by Salvatore Bonaccorso at 2025-02-28T21:42:30+01:00
Add CVE-2025-1795/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,7 +55,15 @@ CVE-2025-20060 (An attacker could expose cross-user personal identifiable inform
 CVE-2025-20049 (The Dario Health portal service application is vulnerable to XSS, whic ...)
 	TODO: check
 CVE-2025-1795 (During an address list folding when a separating comma ends up on a fo ...)
-	TODO: check
+	- python3.13 3.13.0~b1-1
+	- python3.12 3.12.9-1
+	- python3.11 <removed>
+	- python3.9 <removed>
+	NOTE: https://github.com/python/cpython/issues/100884
+	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/
+	NOTE: Fixed by: https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 (v3.13.0a5)
+	NOTE: Fixed by: https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 (v3.12.3)
+	NOTE: Fixed by: https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 (v3.11.9)
 CVE-2025-1776 (Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior t ...)
 	NOT-FOR-US: Soteshop
 CVE-2025-1749 (HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. Th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b0688ca5b4e595a9514b97af42c65c9614db2ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b0688ca5b4e595a9514b97af42c65c9614db2ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250228/720cf96f/attachment.htm>

More information about the debian-security-tracker-commits mailing list