[Git][security-tracker-team/security-tracker][master] new go issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Sep 23 14:27:46 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2a48345 by Moritz Muehlenhoff at 2025-09-23T15:27:07+02:00
new go issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -52,7 +52,13 @@ CVE-2025-57205 (iNiLabs School Express (SMS Express) 6.2 is affected by a Stored
CVE-2025-57204 (Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is aff ...)
NOT-FOR-US: Stocky POS with Inventory Management
CVE-2025-47910 (When using http.CrossOriginProtection, the AddInsecureBypassPattern me ...)
- TODO: check
+ - golang-1.24 <unfixed>
+ - golang-1.23 <unfixed>
+ - golang-1.19 <removed>
+ - golang-1.15 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ
+ NOTE: https://go-review.googlesource.com/c/go/+/699275
+ NOTE: https://github.com/golang/go/issues/75054
CVE-2025-43814 (In Liferay Portal 7.4.0 through 7.4.3.112, and older unsupported versi ...)
NOT-FOR-US: Liferay
CVE-2025-43810 (Insecure Direct Object Reference (IDOR) vulnerability with commerce or ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2a4834570cd89caa79cf98b145162320c1faae7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2a4834570cd89caa79cf98b145162320c1faae7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250923/209c9424/attachment.htm>
More information about the debian-security-tracker-commits
mailing list