[Git][security-tracker-team/security-tracker][master] Add CVE-2025-49140/golang-github-pion-interceptor

Tue Jun 10 21:34:21 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
66acf30c by Salvatore Bonaccorso at 2025-06-10T22:33:56+02:00
Add CVE-2025-49140/golang-github-pion-interceptor

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -474,7 +474,11 @@ CVE-2025-4387 (The Abandoned Cart Pro for WooCommerce plugin contains an authent
 CVE-2025-49141 (HAX CMS PHP allows users to manage their microsite universe with a PHP ...)
 	NOT-FOR-US: HAX CMS PHP
 CVE-2025-49140 (Pion Interceptor is a framework for building RTP/RTCP communication so ...)
-	TODO: check
+	- golang-github-pion-interceptor <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/pion/interceptor/security/advisories/GHSA-f26w-gh5m-qq77
+	NOTE: https://github.com/pion/webrtc/issues/3148
+	NOTE: https://github.com/pion/interceptor/pull/338
+	NOTE: Fixed by: https://github.com/pion/interceptor/commit/fa5b35ea867389cec33a9c82fffbd459ca8958e5 (v0.1.39)
 CVE-2025-49139 (HAX CMS PHP allows users to manage their microsite universe with a PHP ...)
 	NOT-FOR-US: HAX CMS PHP
 CVE-2025-49138 (HAX CMS PHP allows users to manage their microsite universe with a PHP ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66acf30c1cc65d169b6e07844fdbcd74f51a4e51

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66acf30c1cc65d169b6e07844fdbcd74f51a4e51
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250610/2e29094c/attachment.htm>
