[Git][security-tracker-team/security-tracker][master] Add CVE-2025-60876/busybox

Tue Nov 11 09:08:32 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f2ab175 by Salvatore Bonaccorso at 2025-11-11T10:05:50+01:00
Add CVE-2025-60876/busybox

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -307,7 +307,9 @@ CVE-2025-63149 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack over
 CVE-2025-63147 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow i ...)
 	NOT-FOR-US: Tenda
 CVE-2025-60876 (BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0  ...)
-	TODO: check
+	- busybox <unfixed>
+	NOTE: https://gist.github.com/subyumatest/41554af6a72aedaacaec026adc311092
+	TODO: check details
 CVE-2025-56503 (An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticate ...)
 	- sublime-text <itp> (bug #682158)
 CVE-2025-47932 (Combodo iTop is a web based IT service management tool. Versions prior ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f2ab175585beb49b437677490def4533b4a7aa0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f2ab175585beb49b437677490def4533b4a7aa0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251111/7539f4c3/attachment.htm>
