[Git][security-tracker-team/security-tracker][master] Add CVE-2025-71379/vllm, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 20 20:37:53 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d779f250 by Salvatore Bonaccorso at 2026-06-20T21:37:28+02:00
Add CVE-2025-71379/vllm, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,7 +59,7 @@ CVE-2026-11912 (The Simple File List plugin for WordPress is vulnerable to arbit
CVE-2026-11911 (The Simple File List plugin for WordPress is vulnerable to arbitrary f ...)
NOT-FOR-US: WordPress plugin
CVE-2025-71379 (vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression ...)
- TODO: check
+ - vllm <itp> (bug #1095237)
CVE-2025-71331 (Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerabili ...)
NOT-FOR-US: Flowise
CVE-2024-58351 (Flowise before 2.1.4 allows configuration to be injected into the Chai ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d779f250043b03c43561513c61b58c18eb7e6766
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d779f250043b03c43561513c61b58c18eb7e6766
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260620/67cf7688/attachment.htm>
More information about the debian-security-tracker-commits
mailing list