[Git][security-tracker-team/security-tracker][master] Add CVE-2025-10966/curl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 5 08:26:53 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
224908e5 by Salvatore Bonaccorso at 2025-11-05T09:26:38+01:00
Add CVE-2025-10966/curl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2025-10966
+ - curl 8.17.0~rc2-1 (unimportant)
+ NOTE: https://curl.se/docs/CVE-2025-10966.html
+ NOTE: Introduced with: https://github.com/curl/curl/commit/6773c7ca65cf2183295e56603f9b86a5ce816a06 (curl-7_69_0)
+ NOTE: Fixed by: https://github.com/curl/curl/commit/b011e3fcfb06d6c0278595ee2ee297036fbe9793 (rc-8_17_0-1)
+ NOTE: wolfSSH backend not used in Debian
CVE-2025-8871 (The Everest Forms (Pro) plugin for WordPress is vulnerable to PHP Obje ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6027 (The Ace User Management WordPress plugin through 2.0.3 does not proper ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/224908e5ac09ec2ae6c8e18a2bc646d433c2da08
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/224908e5ac09ec2ae6c8e18a2bc646d433c2da08
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251105/a3560f30/attachment.htm>
More information about the debian-security-tracker-commits
mailing list