[Git][security-tracker-team/security-tracker][master] Add new wolfssl issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 22 08:50:51 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
edc301dc by Salvatore Bonaccorso at 2025-11-22T09:50:21+01:00
Add new wolfssl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,9 +29,14 @@ CVE-2025-13384 (The CP Contact Form with PayPal plugin for WordPress is vulnerab
CVE-2025-13317 (The Appointment Booking Calendar plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12889 (With TLS 1.2 connections a client can use any digest, specifically a w ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9395
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/58bd6a8d9431f16b3745cae4d4dd504a8c170eb0 (v5.8.4-stable)
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/f54ca0d481fae9bfa86011ff37d2911c824be073 (v5.8.4-stable)
CVE-2025-12888 (Vulnerability in X25519 constant-time cryptographic implementations du ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9275
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/c161cbd9f3fa1247382bb5b6269c7379222cabf5 (v5.8.4-stable)
CVE-2025-12877 (The IDonate \u2013 Blood Donation, Request And Donor Management System ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12752 (The Subscriptions & Memberships for PayPal plugin for WordPress is vul ...)
@@ -39,17 +44,29 @@ CVE-2025-12752 (The Subscriptions & Memberships for PayPal plugin for WordPress
CVE-2025-12678
REJECTED
CVE-2025-11936 (Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolf ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9117
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/b1cdf0b214f0e9c0d34e29d16325cbe9a8deb87d (v5.8.4-stable)
CVE-2025-11935 (With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could i ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9112
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/cd55fe613566c6eaf358f2796692ee5f24b55c0e (v5.8.4-stable)
CVE-2025-11934 (Improper input validation in the TLS 1.3 CertificateVerify signature a ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9113
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/2810656242f18b813c1fbea117f68ac19193381f (v5.8.4-stable)
CVE-2025-11933 (Improper Input Validation in the TLS 1.3 CKS extension parsing in wolf ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9132
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/2885df68b4f55961548d3a292128613c18e6774b (v5.8.4-stable)
CVE-2025-11932 (The server previously verified the TLS 1.3 PSK binder using a non-cons ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9223
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/7afcf200774987fcd349663733770d38c1d97292 (v5.8.4-stable)
CVE-2025-11931 (Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 ...)
- TODO: check
+ - wolfssl <unfixed>
+ NOTE: https://github.com/wolfSSL/wolfssl/pull/9223
+ NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/7afcf200774987fcd349663733770d38c1d97292 (v5.8.4-stable)
CVE-2025-11186 (The Cookie Notice & Compliance for GDPR / CCPA plugin for WordPress is ...)
NOT-FOR-US: WordPress plugin
CVE-2025-11087 (The Zegen Core plugin for WordPress is vulnerable to Cross-Site Reques ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc301dccfc54ccf96256d15cd391d6b7ef1c2fc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc301dccfc54ccf96256d15cd391d6b7ef1c2fc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251122/221c336f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list