[Git][security-tracker-team/security-tracker][master] Add CVE-2025-63498/sogo
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 25 09:00:08 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
def08dcd by Salvatore Bonaccorso at 2025-11-25T09:59:26+01:00
Add CVE-2025-63498/sogo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,7 +35,9 @@ CVE-2025-64304 ("FOD" App uses hard-coded cryptographic keys, which may allow a
CVE-2025-63674 (An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allo ...)
NOT-FOR-US: Blurams
CVE-2025-63498 (alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the ...)
- TODO: check
+ - sogo 5.12.4-1
+ NOTE: https://github.com/Alinto/sogo/commit/9e20190fad1a437f7e1307f0adcfe19a8d45184c (SOGo-5.12.4)
+ NOTE: https://github.com/xryptoh/CVE-2025-63498
CVE-2025-62691 (Security Point (Windows) of MaLion and MaLionCloud contains a stack-ba ...)
NOT-FOR-US: MaLion and MaLionCloud
CVE-2025-62497 (Cross-site request forgery vulnerability exists in SNC-CX600W versions ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/def08dcd843fc119f078fb524fab6f7d9e9426cd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/def08dcd843fc119f078fb524fab6f7d9e9426cd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251125/cd117b6e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list