[Git][security-tracker-team/security-tracker][master] CVE-2025-26434: Record contact with Android CNA
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Sep 6 15:09:18 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c4d42378 by Salvatore Bonaccorso at 2025-09-06T16:08:38+02:00
CVE-2025-26434: Record contact with Android CNA
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -377,8 +377,7 @@ CVE-2025-26461 (In Permission Manager, there is a possible way for the microphon
CVE-2025-26434 (In libxml2, there is a possible out of bounds read due to a buffer ove ...)
- libxml2 <unfixed>
NOTE: https://source.android.com/docs/security/bulletin/android-16
- NOTE: No other details known so far
- TODO: reach out to Android security folks
+ NOTE: No other details known so far, reached out to Android CNA for clarification
CVE-2025-10044 (A flaw was found in Keycloak. Keycloak\u2019s account console and othe ...)
- keycloak <itp> (bug #1088287)
CVE-2025-10043 (A path traversal validation flaw exists in Keycloak\u2019s vault key h ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4d42378f02e991b9f83d70c2d90d7a5e3f886f3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4d42378f02e991b9f83d70c2d90d7a5e3f886f3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250906/6e69f245/attachment.htm>
More information about the debian-security-tracker-commits
mailing list