[Git][security-tracker-team/security-tracker][master] Add CVE-2025-45311/fail2ban
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 27 15:45:09 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
05c7644d by Salvatore Bonaccorso at 2025-11-27T16:44:12+01:00
Add CVE-2025-45311/fail2ban
Seems either bogus or negligible, but let's wait a bit for upstream
assessment in https://github.com/fail2ban/fail2ban/issues/4110
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -203,7 +203,9 @@ CVE-2025-46175 (Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is
CVE-2025-46174 (Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missin ...)
NOT-FOR-US: Ruoyi
CVE-2025-45311 (Insecure permissions in fail2ban-client v0.11.2 allows attackers with ...)
- TODO: check
+ - fail2ban <undetermined>
+ NOTE: https://github.com/fail2ban/fail2ban/issues/4110
+ TODO: check, upstream waiting on reporter, cf. https://github.com/fail2ban/fail2ban/issues/4110#issuecomment-3586321999
CVE-2025-3747
REJECTED
CVE-2025-2486 (The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05c7644d5a5036d304c893455752442da8205e34
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05c7644d5a5036d304c893455752442da8205e34
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251127/101eb7b8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list