[Git][security-tracker-team/security-tracker][master] Add CVE-2025-4748/erlang
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 16 22:10:17 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52abded7 by Salvatore Bonaccorso at 2025-06-16T23:09:52+02:00
Add CVE-2025-4748/erlang
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -70,7 +70,10 @@ CVE-2025-5689 (A flaw was found in the temporary user record that authd uses in
CVE-2025-5309 (The chat feature within Remote Support (RS) and Privileged Remote Acce ...)
NOT-FOR-US: BeyondTrust
CVE-2025-4748 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ - erlang <unfixed>
+ NOTE: https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
+ NOTE: https://github.com/erlang/otp/pull/9941
+ NOTE: https://github.com/erlang/otp/commit/10608879c81332af2d3c00db61ee173c93c1ea4e (OTP-26.2.5.13, OTP-27.3.4.1)
CVE-2025-4565 (Any project that uses Protobuf Pure-Python backendto parse untrusted P ...)
TODO: check
CVE-2025-49125 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52abded73029801c9857e32ebfefc107b1d4d43e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52abded73029801c9857e32ebfefc107b1d4d43e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250616/df2602bc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list