[Git][security-tracker-team/security-tracker][master] Add CVE-2025-10921/gegl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 26 19:48:56 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
32a730ee by Salvatore Bonaccorso at 2025-09-26T20:48:18+02:00
Add CVE-2025-10921/gegl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2025-10921 [GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]
+ - gegl <unfixed>
+ NOTE: https://gitlab.gnome.org/GNOME/gegl/-/issues/430
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gegl/-/commit/0e68b7471dabf2800d780819c19bd5e6462f565f
CVE-2025-9985 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9984 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32a730ee95bfaea222a0127b005336aa94e0a953
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32a730ee95bfaea222a0127b005336aa94e0a953
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250926/afa1949f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list