[Git][security-tracker-team/security-tracker][master] Add notes about CVE-2025-50817.
Chris Lamb (@lamby)
lamby at debian.org
Wed Sep 10 23:31:17 BST 2025
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c94d0fb by Chris Lamb at 2025-09-10T15:30:52-07:00
Add notes about CVE-2025-50817.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8585,6 +8585,8 @@ CVE-2025-50817 (A vulnerability in the Python-Future 1.0.0 module allows for arb
[bookworm] - python-future <no-dsa> (Minor issue)
NOTE: https://medium.com/@abcd_68700/cve-2025-50817-python-future-module-arbitrary-code-execution-via-unintended-import-of-test-py-f0818ea93cf4
NOTE: https://github.com/PythonCharmers/python-future/issues/268
+ NOTE: Project is EOL/unmaintained; no upstream fix is likely.
+ NOTE: CVE may be rejected. https://github.com/PythonCharmers/python-future/issues/650#issuecomment-3252409616
CVE-2025-50518 (A use-after-free vulnerability exists in the coap_delete_pdu_lkd funct ...)
- libcoap3 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/IreneTheITCrowd/blog/blob/main/libcoap-vulnerability.md
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c94d0fb02072aed4124caada1c6926283a395eb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c94d0fb02072aed4124caada1c6926283a395eb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250910/1bfc7ce7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list