[Git][security-tracker-team/security-tracker][master] mark gnuplot as non issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Mar 27 22:22:30 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0891154d by Moritz Muehlenhoff at 2025-03-27T23:22:06+01:00
mark gnuplot as non issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,30 @@
CVE-2024-56325
NOT-FOR-US: Apache Pinot
CVE-2025-31181 (A flaw was found in gnuplot. The X11_graphics() function may lead to a ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355338
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to
+ NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2025-31180 (A flaw was found in gnuplot. The CANVAS_text() function may lead to a ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355339
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to
+ NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2025-31179 (A flaw was found in gnuplot. The xstrftime() function may lead to a se ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355340
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to
+ NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2025-31178 (A flaw was found in gnuplot. The GetAnnotateString() function may lead ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355341
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to
+ NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2025-31176 (A flaw was found in gnuplot. The plot3d_points() function may lead to ...)
- - gnuplot <unfixed>
+ - gnuplot <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2355343
- TODO: check details
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to
+ NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2025-31141 (In JetBrains TeamCity before 2025.03 exception could lead to credentia ...)
NOT-FOR-US: JetBrains
CVE-2025-31140 (In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0891154dc65b22942bfb511a09a42b5cf9ef2dc4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0891154dc65b22942bfb511a09a42b5cf9ef2dc4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250327/c6f29067/attachment.htm>
More information about the debian-security-tracker-commits
mailing list