[Git][security-tracker-team/security-tracker][master] Add CVE-2025-49128/jackson-core
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 7 10:16:53 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bf123fe5 by Salvatore Bonaccorso at 2025-06-07T11:16:18+02:00
Add CVE-2025-49128/jackson-core
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,10 @@
CVE-2025-5814 (The Profiler \u2013 What Slowing Down Your WP plugin for WordPress is ...)
NOT-FOR-US: WordPress plugin
CVE-2025-49128 (Jackson-core contains core low-level incremental ("streaming") parser ...)
- TODO: check
+ - jackson-core 2.13.0-1
+ NOTE: https://github.com/FasterXML/jackson-core/security/advisories/GHSA-wf8f-6423-gfxg
+ NOTE: https://github.com/FasterXML/jackson-core/pull/652
+ NOTE: https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8 (jackson-core-2.13.0-rc1)
CVE-2025-49127 (Kafbat UI is a web user interface for managing Apache Kafka clusters. ...)
TODO: check
CVE-2025-47601 (Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf123fe50fb9c541a8184f1a6a2d565082f6b8b9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf123fe50fb9c541a8184f1a6a2d565082f6b8b9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/675a8564/attachment.htm>
More information about the debian-security-tracker-commits
mailing list