[Git][security-tracker-team/security-tracker][master] new libplack-middleware-session-perl issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a359e411 by Moritz Muehlenhoff at 2025-07-16T15:25:13+02:00
new libplack-middleware-session-perl issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2025-40923
+	- libplack-middleware-session-perl <unfixed>
+	[bookworm] - libplack-middleware-session-perl <no-dsa> (Minor issue)
+	NOTE: https://lists.security.metacpan.org/cve-announce/msg/31223483/
+	NOTE: https://github.com/plack/Plack-Middleware-Session/pull/52
+	NOTE: https://github.com/plack/Plack-Middleware-Session/commit/1fbfbb355e34e7f4b3906f66cf958cedadd2b9be (0.35)
 CVE-2025-27210
 	- nodejs <not-affected> (Only affects Windows)
 	NOTE: https://nodejs.org/en/blog/vulnerability/july-2025-security-releases#windows-device-names-con-prn-aux-bypass-path-traversal-protection-in-pathnormalize-cve-2025-27210---high



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a359e411b3aaac0de774eae50484d89f86b8ebd3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a359e411b3aaac0de774eae50484d89f86b8ebd3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250716/164d309a/attachment.htm>