[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 28 09:12:16 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2137082e by security tracker role at 2025-07-28T08:12:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2025-8267 (Versions of the package ssrfcheck before 1.2.0 are vulnerable to Serve ...)
+	TODO: check
+CVE-2025-8263 (A vulnerability was found in prettier up to 3.6.2. It has been declare ...)
+	TODO: check
+CVE-2025-8262 (A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been c ...)
+	TODO: check
+CVE-2025-8261 (A vulnerability was found in Vaelsys 4.1.0 and classified as critical. ...)
+	TODO: check
+CVE-2025-8260 (A vulnerability has been found in Vaelsys 4.1.0 and classified as prob ...)
+	TODO: check
+CVE-2025-8259 (A vulnerability, which was classified as critical, was found in Vaelsy ...)
+	TODO: check
+CVE-2025-8258 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2025-8257 (A vulnerability classified as problematic was found in Lobby Universe  ...)
+	TODO: check
+CVE-2025-8256 (A vulnerability classified as critical has been found in code-projects ...)
+	TODO: check
+CVE-2025-8255 (A vulnerability was found in code-projects Exam Form Submission 1.0. I ...)
+	TODO: check
+CVE-2025-8254 (A vulnerability was found in Campcodes Courier Management System 1.0.  ...)
+	TODO: check
+CVE-2025-8253 (A vulnerability was found in code-projects Exam Form Submission 1.0. I ...)
+	TODO: check
+CVE-2025-8252 (A vulnerability was found in code-projects Exam Form Submission 1.0 an ...)
+	TODO: check
+CVE-2025-8251 (A vulnerability has been found in code-projects Exam Form Submission 1 ...)
+	TODO: check
+CVE-2025-8250 (A vulnerability, which was classified as critical, was found in code-p ...)
+	TODO: check
+CVE-2025-8249 (A vulnerability, which was classified as critical, has been found in c ...)
+	TODO: check
+CVE-2025-8248 (A vulnerability classified as critical was found in code-projects Onli ...)
+	TODO: check
+CVE-2025-8247 (A vulnerability classified as critical has been found in Projectworlds ...)
+	TODO: check
+CVE-2025-8246 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
+	TODO: check
+CVE-2025-8245 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
+	TODO: check
+CVE-2025-8244 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
+	TODO: check
+CVE-2025-8243 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and cla ...)
+	TODO: check
+CVE-2025-8242 (A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 an ...)
+	TODO: check
+CVE-2025-8241 (A vulnerability, which was classified as critical, was found in 1000 P ...)
+	TODO: check
+CVE-2024-58266 (The shlex crate before 1.2.1 for Rust allows unquoted and unescaped in ...)
+	TODO: check
+CVE-2024-58265 (The snow crate before 0.9.5 for Rust, when stateful TransportState is  ...)
+	TODO: check
+CVE-2024-58264 (The serde-json-wasm crate before 1.0.1 for Rust allows stack consumpti ...)
+	TODO: check
+CVE-2023-53161 (The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds a ...)
+	TODO: check
+CVE-2023-53160 (The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds  ...)
+	TODO: check
+CVE-2023-53159 (The openssl crate before 0.10.55 for Rust allows an out-of-bounds read ...)
+	TODO: check
+CVE-2023-53158 (The gix-transport crate before 0.36.1 for Rust allows command executio ...)
+	TODO: check
+CVE-2023-53157 (The rosenpass crate before 0.2.1 for Rust allows remote attackers to c ...)
+	TODO: check
+CVE-2023-53156 (The transpose crate before 0.2.3 for Rust allows an integer overflow v ...)
+	TODO: check
+CVE-2022-50237 (The ed25519-dalek crate before 2 for Rust allows a double public key s ...)
+	TODO: check
 CVE-2025-8240 (A vulnerability, which was classified as critical, has been found in c ...)
 	NOT-FOR-US: code-projects Exam Form Submission
 CVE-2025-8239 (A vulnerability classified as critical was found in code-projects Exam ...)
@@ -7144,7 +7212,8 @@ CVE-2025-38179 (In the Linux kernel, the following vulnerability has been resolv
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/a379a8a2a0032e12e7ef397197c9c2ad011588d6 (6.16-rc3)
-CVE-2025-38178 (In the Linux kernel, the following vulnerability has been resolved:  E ...)
+CVE-2025-38178
+	REJECTED
 	- linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/88efa0de3285be66969b71ec137d9dab1ee19e52 (6.16-rc3)
 CVE-2025-38177 (In the Linux kernel, the following vulnerability has been resolved:  s ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2137082eb60ab4a4f7ef427a3681ec300827108b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2137082eb60ab4a4f7ef427a3681ec300827108b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250728/eb9b408f/attachment.htm>

More information about the debian-security-tracker-commits mailing list