[Git][security-tracker-team/security-tracker][master] also add CVE-2025-4476 for soup2.4
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jun 12 11:08:03 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e47365b8 by Moritz Muehlenhoff at 2025-06-12T11:28:09+02:00
also add CVE-2025-4476 for soup2.4
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8031,11 +8031,12 @@ CVE-2023-2334 (The edd-google-sheet-connector-pro WordPress plugin before 1.4, E
CVE-2025-4476 (A denial-of-service vulnerability has been identified in the libsoup H ...)
- libsoup3 <unfixed> (bug #1105887)
[bookworm] - libsoup3 <no-dsa> (Minor issue)
+ - libsoup2.4 <unfixed>
+ [bookworm] - libsoup2.4 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/440
NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/457
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2366513
- TODO: check if affects as well libsoup2.4
CVE-2025-4123 (A cross-site scripting (XSS) vulnerability exists in Grafana caused by ...)
- grafana <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2364632
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e47365b8763f79664730cbd79386090882de5c5c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e47365b8763f79664730cbd79386090882de5c5c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250612/f5475c09/attachment.htm>
More information about the debian-security-tracker-commits
mailing list