[Git][security-tracker-team/security-tracker][master] Add CVE-2025-4444/tor
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 18 21:53:56 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9858cc86 by Salvatore Bonaccorso at 2025-09-18T22:53:19+02:00
Add CVE-2025-4444/tor
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,9 @@ CVE-2025-55911 (An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker t
CVE-2025-50255 (Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffi ...)
NOT-FOR-US: Smartvista BackOffice SmartVista Suite
CVE-2025-4444 (A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Im ...)
- TODO: check
+ - tor <unfixed>
+ NOTE: https://github.com/chunmianwang/Tordos
+ NOTE: https://forum.torproject.org/t/alpha-and-stable-release-0-4-8-18-and-0-4-9-3-alpha/20578
CVE-2025-40678 (Unrestricted upload vulnerability for dangerous file types on Summar S ...)
NOT-FOR-US: Summar Software Employee Portal
CVE-2025-40677 (SQL injection vulnerability in Summar Software\xb4s Portal del Emplead ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9858cc86ce09828e847a910253a465364a40d11b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9858cc86ce09828e847a910253a465364a40d11b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250918/ed7dcb28/attachment.htm>
More information about the debian-security-tracker-commits
mailing list