[Git][security-tracker-team/security-tracker][master] Add CVE-2025-63601/snipe-it, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 5 21:06:43 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fedd8f7b by Salvatore Bonaccorso at 2025-11-05T22:05:34+01:00
Add CVE-2025-63601/snipe-it, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2025-64458 (An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26,
NOTE: https://github.com/django/django/commit/c880530ddd4fabd5939bab0e148bebe36699432a (main)
NOTE: https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7 (4.2.26)
CVE-2025-63601 (Snipe-IT before version 8.3.3 contains a remote code execution vulnera ...)
- TODO: check
+ - snipe-it <itp> (bug #1005172)
CVE-2025-63418 (A DOM-based Cross-Site Scripting (XSS) vulnerability in the SelfBest p ...)
NOT-FOR-US: SelfBest platform
CVE-2025-63417 (A Stored Cross-Site Scripting (XSS) vulnerability in the chat function ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fedd8f7b2b18a67301dfcac7b7db8fbec21b6561
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fedd8f7b2b18a67301dfcac7b7db8fbec21b6561
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251105/259ef71b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list