[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 3 21:12:10 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
101492db by security tracker role at 2025-05-03T20:12:02+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,37 @@
-CVE-2025-37799 [vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp]
+CVE-2025-4244 (A vulnerability, which was classified as critical, was found in code-p ...)
+ TODO: check
+CVE-2025-4243 (A vulnerability, which was classified as critical, has been found in c ...)
+ TODO: check
+CVE-2025-4242 (A vulnerability classified as critical was found in PHPGurukul Online ...)
+ TODO: check
+CVE-2025-4241 (A vulnerability classified as critical has been found in PHPGurukul Te ...)
+ TODO: check
+CVE-2025-4240 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated ...)
+ TODO: check
+CVE-2025-4239 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been decla ...)
+ TODO: check
+CVE-2025-4238 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been class ...)
+ TODO: check
+CVE-2025-4237 (A vulnerability was found in PCMan FTP Server 2.0.7 and classified as ...)
+ TODO: check
+CVE-2025-4236 (A vulnerability has been found in PCMan FTP Server 2.0.7 and classifie ...)
+ TODO: check
+CVE-2025-4226 (A vulnerability classified as critical has been found in PHPGurukul Cy ...)
+ TODO: check
+CVE-2025-1838 (IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0 ...)
+ TODO: check
+CVE-2025-1495 (IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF00 ...)
+ TODO: check
+CVE-2024-41753 (IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF004 and ...)
+ TODO: check
+CVE-2025-37799 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/4c2227656d9003f4d77afc76f34dd81b95e4c2c4
-CVE-2024-58135 [may generate weak HMAC session secrets]
+CVE-2024-58135 (Mojolicious versions from 7.28 through 9.39 for Perl may generate weak ...)
- libmojolicious-perl <unfixed> (bug #1104633)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/29241187/
NOTE: https://github.com/mojolicious/mojo/pull/2200
-CVE-2024-58134 [uses a hard coded string, or the application's class name, as a HMAC session secret by default]
+CVE-2024-58134 (Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard c ...)
- libmojolicious-perl <unfixed>
NOTE: https://lists.security.metacpan.org/cve-announce/msg/29247502/
NOTE: https://github.com/mojolicious/mojo/pull/1791
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101492dbe9bacd8461e51f37bc4dad754b453f65
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101492dbe9bacd8461e51f37bc4dad754b453f65
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250503/b3e8f046/attachment.htm>
More information about the debian-security-tracker-commits
mailing list