[Git][security-tracker-team/security-tracker][master] Add new golang issue
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 9 07:54:33 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e07afe8a by Salvatore Bonaccorso at 2025-07-09T08:54:09+02:00
Add new golang issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2025-4674
+ - golang-1.24 <unfixed>
+ - golang-1.23 <unfixed>
+ - golang-1.19 <removed>
+ - golang-1.15 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/gTNJnDXmn34
+ NOTE: https://github.com/golang/go/commit/825eeee3f789a11231ce23a4836c74ec5e34bf2a (go1.24.5)
+ NOTE: https://github.com/golang/go/commit/e9d2c032b14c17083be0f8f0c822565199d2994f (go1.23.11)
+ NOTE: https://github.com/golang/go/issues/74380
CVE-2025-7363 (The TitleIcon extension for MediaWiki is vulnerable to stored XSS thro ...)
TODO: check
CVE-2025-7362 (The MsUpload extension for MediaWiki is vulnerable to stored XSS via t ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e07afe8a3989ee771655011d54211c06f1370728
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e07afe8a3989ee771655011d54211c06f1370728
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250709/f5ce6a9b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list