[Git][security-tracker-team/security-tracker][master] Add two new node-node-forge issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 27 08:22:57 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6c19344e by Salvatore Bonaccorso at 2025-11-27T09:22:37+01:00
Add two new node-node-forge issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,9 +9,13 @@ CVE-2025-66040 (Spotipy is a Python library for the Spotify Web API. Prior to ve
 CVE-2025-66035 (Angular is a development platform for building mobile and desktop web  ...)
 	TODO: check
 CVE-2025-66031 (Forge (also called `node-forge`) is a native implementation of Transpo ...)
-	TODO: check
+	- node-node-forge <removed>
+	NOTE: https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27
+	NOTE: https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451 (v1.3.2)
 CVE-2025-66030 (Forge (also called `node-forge`) is a native implementation of Transpo ...)
-	TODO: check
+	- node-node-forge <removed>
+	NOTE: https://github.com/digitalbazaar/forge/security/advisories/GHSA-65ch-62r8-g69g
+	NOTE: https://github.com/digitalbazaar/forge/commit/3e0c35ace169cfca529a3e547a7848dc7bf57fdb (v1.3.2)
 CVE-2025-65202 (TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command inje ...)
 	NOT-FOR-US: TRENDnet
 CVE-2025-64344 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c19344eb53cedfb53688ec103eb6904915adf8f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c19344eb53cedfb53688ec103eb6904915adf8f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251127/72e1bd4d/attachment.htm>

More information about the debian-security-tracker-commits mailing list