[Git][security-tracker-team/security-tracker][master] Add two apt-cacher-ng issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 13 15:37:57 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9459e8c8 by Salvatore Bonaccorso at 2025-10-13T16:37:12+02:00
Add two apt-cacher-ng issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5473,9 +5473,15 @@ CVE-2025-11155 (The credentials required to access the device's web server are s
 CVE-2025-11150
 	REJECTED
 CVE-2025-11147 (Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ...)
-	TODO: check
+	- apt-cacher-ng 3.7.5-1
+	[bookworm] - apt-cacher-ng <no-dsa> (Minor issue)
+	NOTE: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-apt-cacher-ng
+	NOTE: https://salsa.debian.org/blade/apt-cacher-ng/-/commit/b03d9a3ab326aad2538f42d2831b3114b830912b (upstream/3.7.5)
 CVE-2025-11146 (Reflected Cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ...)
-	TODO: check
+	- apt-cacher-ng 3.7.5-1
+	[bookworm] - apt-cacher-ng <no-dsa> (Minor issue)
+	NOTE: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-apt-cacher-ng
+	NOTE: https://salsa.debian.org/blade/apt-cacher-ng/-/commit/b03d9a3ab326aad2538f42d2831b3114b830912b (upstream/3.7.5)
 CVE-2025-10346 (HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a  sto ...)
 	NOT-FOR-US: Perfex CRM
 CVE-2025-10345 (HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a  sto ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9459e8c8db18ff80d35a39522abc17f21c53a794

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9459e8c8db18ff80d35a39522abc17f21c53a794
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251013/ca7091d4/attachment.htm>

More information about the debian-security-tracker-commits mailing list