[Git][security-tracker-team/security-tracker][master] Update status for some radare2 issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 24 19:47:15 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6f2d0abc by Salvatore Bonaccorso at 2025-09-24T20:46:43+02:00
Update status for some radare2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36303,13 +36303,15 @@ CVE-2025-5650 (A vulnerability classified as critical was found in 1000projects
CVE-2025-5649 (A vulnerability classified as critical has been found in SourceCodeste ...)
NOT-FOR-US: SourceCodester
CVE-2025-5648 (A vulnerability was found in Radare2 5.9.9. It has been classified as ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24238
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5647 (A vulnerability was found in Radare2 5.9.9 and classified as problemat ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24237
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5382 (Improper access control in users MFA feature in Devolutions Server 202 ...)
NOT-FOR-US: Devolutions
CVE-2025-5341 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
@@ -36384,29 +36386,35 @@ CVE-2025-5683 (When loading a specifically crafted ICNS format image file in QIm
NOTE: https://codereview.qt-project.org/c/qt/qtimageformats/+/644548
NOTE: https://github.com/qt/qtimageformats/commit/efd332516f510144927121fa749ce819b82ec633
CVE-2025-5646 (A vulnerability has been found in Radare2 5.9.9 and classified as prob ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24235
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5645 (A vulnerability, which was classified as problematic, was found in Rad ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24234
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5644 (A vulnerability, which was classified as problematic, has been found i ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24233
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5643 (A vulnerability classified as problematic was found in Radare2 5.9.9. ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24232
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5642 (A vulnerability classified as problematic has been found in Radare2 5. ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24231
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5641 (A vulnerability was found in Radare2 5.9.9. It has been rated as probl ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1107316)
NOTE: https://github.com/radareorg/radare2/issues/24230
- NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
+ NOTE: https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798 (6.0.0)
CVE-2025-5640 (A vulnerability was found in PX4-Autopilot 1.12.3. It has been classif ...)
NOT-FOR-US: PX4-Autopilot
CVE-2025-5639 (A vulnerability was found in PHPGurukul Notice Board System 1.0 and cl ...)
@@ -66785,9 +66793,10 @@ CVE-2025-1866 (Improper Restriction of Operations within the Bounds of a Memory
- libwebsockets <not-affected> (Only affects libwebsockets on Windows)
NOTE: https://github.com/warmcat/libwebsockets/commit/3f7c79fd57338aca1bf4a1b1f24e324b80d36265
CVE-2025-1864 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1099622)
NOTE: https://github.com/radareorg/radare2/pull/23981
- NOTE: Fixed by: https://github.com/radareorg/radare2/commit/db6decd4bc90bb4a492129e70803136fa184f470
+ NOTE: Fixed by: https://github.com/radareorg/radare2/commit/db6decd4bc90bb4a492129e70803136fa184f470 (6.0.0)
CVE-2025-1859 (A vulnerability, which was classified as critical, has been found in P ...)
NOT-FOR-US: PHPGurukul
CVE-2025-1858 (A vulnerability classified as critical was found in Codezips Online Sh ...)
@@ -67370,9 +67379,10 @@ CVE-2025-23225 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authe
CVE-2025-1757 (The WordPress Portfolio Builder \u2013 Portfolio Gallery plugin for Wo ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1744 (Out-of-bounds Write vulnerability in radareorg radare2 allows heap-b ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1099620)
NOTE: https://github.com/radareorg/radare2/pull/23969
- NOTE: https://github.com/radareorg/radare2/commit/e64c606b1342a4c0ab2c35ef5146b69667dcd43a
+ NOTE: https://github.com/radareorg/radare2/commit/e64c606b1342a4c0ab2c35ef5146b69667dcd43a (6.0.0)
CVE-2025-1687 (The Cardealer theme for WordPress is vulnerable to Cross-Site Request ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1682 (The Cardealer theme for WordPress is vulnerable to privilege escalatio ...)
@@ -73478,9 +73488,10 @@ CVE-2025-1380 (A vulnerability was found in Codezips Gym Management System 1.0 a
CVE-2025-1379 (A vulnerability has been found in code-projects Real Estate Property M ...)
NOT-FOR-US: Real Estate Property Management System
CVE-2025-1378 (A vulnerability, which was classified as problematic, was found in rad ...)
+ [experimental] - radare2 6.0.2+dfsg-1
- radare2 <unfixed> (bug #1098376)
NOTE: https://github.com/radareorg/radare2/issues/23953
- NOTE: Fixed by: https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545
+ NOTE: Fixed by: https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545 (6.0.0)
CVE-2025-1377 (A vulnerability, which was classified as problematic, has been found i ...)
- elfutils <unfixed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=32673
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f2d0abc219abf990a20314c256563ee11f05823
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f2d0abc219abf990a20314c256563ee11f05823
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250924/85bcc4a6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list