[Git][security-tracker-team/security-tracker][master] Update information on CVE-2025-62507: Add upstream commits
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 4 20:24:16 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
54204d75 by Salvatore Bonaccorso at 2025-11-04T21:23:39+01:00
Update information on CVE-2025-62507: Add upstream commits
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,6 +1,8 @@
CVE-2025-62507 [Bug in XACKDEL may lead to stack overflow and potential RCE]
- redis <not-affected> (Vulnerable code not present)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-jhjx-x4cf-4vm8
+ NOTE: Introduced with: https://github.com/redis/redis/commit/fa040a72c0720d9b0a833117b086e5bbafa6ddc8 (8.2-rc1)
+ NOTE: Fixed by: https://github.com/redis/redis/commit/5f83972188f6e5b1d6f1940218c650a9cbdf7741 (8.2.3)
CVE-2025-64322 (Incorrect Permission Assignment for Critical Resource vulnerability in ...)
NOT-FOR-US: Salesforce
CVE-2025-64321 (Improper Neutralization of Input Used for LLM Prompting vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54204d75145fe265236e1adce9edf3874c291aa4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54204d75145fe265236e1adce9edf3874c291aa4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251104/7f0043f3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list