[Git][security-tracker-team/security-tracker][master] Add CVE-2025-12119/mongo-c-driver
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 20 10:02:47 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
85f062a9 by Salvatore Bonaccorso at 2025-11-20T11:00:44+01:00
Add CVE-2025-12119/mongo-c-driver
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -322,7 +322,8 @@ CVE-2025-12349 (The Icegram Express - Email Subscribers, Newsletters and Marketi
CVE-2025-12174 (The Directorist: AI-Powered Business Directory Plugin with Classified ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12119 (A mongoc_bulk_operation_t may read invalid memory if large options are ...)
- TODO: check
+ - mongo-c-driver 2.1.2-1
+ TODO: research exact commit, possibly https://github.com/mongodb/mongo-c-driver/pull/2132, asked maintainer
CVE-2025-12057 (The WavePlayer WordPress plugin before 3.8.0 does not have authorizati ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12056 (Out-of-bounds Read in Shelly Pro 3EM(before v1.4.4) allows Overread Bu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85f062a9cbc4791ca1489af4e7b8d02528845c8c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85f062a9cbc4791ca1489af4e7b8d02528845c8c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251120/34c9bf76/attachment.htm>
More information about the debian-security-tracker-commits
mailing list