[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68670/xrdp
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 27 22:12:18 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9fac5f5e by Salvatore Bonaccorso at 2026-01-27T23:11:53+01:00
Add CVE-2025-68670/xrdp
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -262,7 +262,9 @@ CVE-2025-69562 (code-projects Mobile Shop Management System 1.0 is vulnerable to
CVE-2025-69559 (code-projects Computer Book Store 1.0 is vulnerable to File Upload in ...)
NOT-FOR-US: code-projects
CVE-2025-68670 (xrdp is an open source RDP server. xrdp before v0.10.5 contains an una ...)
- TODO: check
+ - xrdp <unfixed>
+ NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rwvg-gp87-gh6f
+ NOTE: https://github.com/neutrinolabs/xrdp/commit/0d6964415ac31f8240ed894de1ff626bf4683eac (v0.10.5)
CVE-2025-65264 (The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate u ...)
TODO: check
CVE-2025-55102 (A denial-of-service vulnerability exists in the NetX IPv6 component fu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fac5f5ee8182ea92f0a3a2a3345134d32309e6d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fac5f5ee8182ea92f0a3a2a3345134d32309e6d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/83809fba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list