[Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-48708
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 23 22:21:06 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92c4a9ea by Salvatore Bonaccorso at 2025-05-23T23:20:33+02:00
Add information for CVE-2025-48708
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,7 +45,10 @@ CVE-2025-48740 (A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee
CVE-2025-48735 (A SQL Injection issue in the request body processing in BOS IPCs with ...)
NOT-FOR-US: BOS
CVE-2025-48708 (gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscri ...)
- TODO: check
+ - ghostscript 10.05.1~dfsg-1 (unimportant)
+ NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=708446
+ NOTE: Fixed by: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5b5968c306b3e35cdeec83bb15026fd74a7334de (ghostpdl-10.05.1)
+ NOTE: Argument handling with '#' instead of '=' only relevant on Windows
CVE-2025-48701 (openDCIM through 23.04 allows SQL injection in people_depts.php becaus ...)
NOT-FOR-US: openDCIM
CVE-2025-48695 (An issue was discovered in CyberDAVA before 1.1.20. A privilege escala ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c4a9ea35a9c905cc7903b4617cff16ef532673
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c4a9ea35a9c905cc7903b4617cff16ef532673
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250523/5036b0a3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list