[Git][security-tracker-team/security-tracker][master] Add new CVEs for zulip-server, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 31 21:45:55 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b107f97a by Salvatore Bonaccorso at 2025-03-31T22:45:29+02:00
Add new CVEs for zulip-server, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -207,9 +207,9 @@ CVE-2025-30963 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-30961 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30369 (Zulip is an open-source team collaboration tool. The API for deleting  ...)
-	TODO: check
+	- zulip-server <itp> (bug #800052)
 CVE-2025-30368 (Zulip is an open-source team collaboration tool. The API for deleting  ...)
-	TODO: check
+	- zulip-server <itp> (bug #800052)
 CVE-2025-30223 (Beego is an open-source web framework for the Go programming language. ...)
 	NOT-FOR-US: Beego
 CVE-2025-30209 (Tuleap is an Open Source Suite to improve management of software devel ...)
@@ -277,7 +277,7 @@ CVE-2025-29766 (Tuleap is an Open Source Suite to improve management of software
 CVE-2025-29266 (Unraid 7.0.0 before 7.0.1 allows remote users to access the Unraid Web ...)
 	NOT-FOR-US: Unraid
 CVE-2025-27149 (Zulip server provides an open-source team chat that helps teams stay p ...)
-	TODO: check
+	- zulip-server <itp> (bug #800052)
 CVE-2025-27095 (JumpServer is an open source bastion host and an operation and mainten ...)
 	NOT-FOR-US: JumpServer
 CVE-2025-23995 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b107f97a89a3ca2dfb30a632c59214f2909fa9bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b107f97a89a3ca2dfb30a632c59214f2909fa9bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250331/1e88c713/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list