[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 11 20:13:15 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
22e1555b by security tracker role at 2026-03-11T20:13:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,324 @@
-CVE-2026-3904 [nscd client crash on x86_64 under high nscd load]
+CVE-2026-3954 (A weakness has been identified in OpenBMB XAgent 1.0.0. Affected by th ...)
+ TODO: check
+CVE-2026-3951 (A security flaw has been discovered in LockerProject Locker 0.0.0/0.0. ...)
+ TODO: check
+CVE-2026-3950 (A vulnerability was identified in strukturag libheif up to 1.21.2. Thi ...)
+ TODO: check
+CVE-2026-3949 (A vulnerability was determined in strukturag libheif up to 1.21.2. Thi ...)
+ TODO: check
+CVE-2026-3946 (A vulnerability was detected in PHPEMS 11.0. The affected element is a ...)
+ TODO: check
+CVE-2026-3944 (A vulnerability was determined in itsourcecode University Management S ...)
+ TODO: check
+CVE-2026-3943 (A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This af ...)
+ TODO: check
+CVE-2026-3906 (WordPress core is vulnerable to unauthorized access in versions 6.9 th ...)
+ TODO: check
+CVE-2026-3848 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-3496 (The JetBooking plugin for WordPress is vulnerable to SQL Injection via ...)
+ TODO: check
+CVE-2026-3492 (The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-S ...)
+ TODO: check
+CVE-2026-3231 (The Checkout Field Editor (Checkout Manager) for WooCommerce plugin fo ...)
+ TODO: check
+CVE-2026-3178 (The Name Directory plugin for WordPress is vulnerable to Stored Cross- ...)
+ TODO: check
+CVE-2026-3013 (Coppermine Photo Gallery in versions 1.6.09 through 1.6.27is vulnerabl ...)
+ TODO: check
+CVE-2026-32234 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-32229 (In JetBrains Hub before 2026.1 possible on sign-in account mismatch wi ...)
+ TODO: check
+CVE-2026-32098 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-32097 (PingPong is a platform for using large language models (LLMs) for teac ...)
+ TODO: check
+CVE-2026-32096 (Plunk is an open-source email platform built on top of AWS SES. Prior ...)
+ TODO: check
+CVE-2026-32095 (Plunk is an open-source email platform built on top of AWS SES. Prior ...)
+ TODO: check
+CVE-2026-32094 (Shescape is a simple shell escape library for JavaScript. Prior to 2.1 ...)
+ TODO: check
+CVE-2026-32063 (OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command inj ...)
+ TODO: check
+CVE-2026-32062 (OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-ca ...)
+ TODO: check
+CVE-2026-32061 (OpenClaw versions prior to 2026.2.17 contain a path traversal vulnerab ...)
+ TODO: check
+CVE-2026-32060 (OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerab ...)
+ TODO: check
+CVE-2026-32059 (OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins va ...)
+ TODO: check
+CVE-2026-31979 (Himmelblau is an interoperability suite for Microsoft Azure Entra ID a ...)
+ TODO: check
+CVE-2026-31976 (xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 202 ...)
+ TODO: check
+CVE-2026-31975 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude C ...)
+ TODO: check
+CVE-2026-31974 (OpenProject is an open-source, web-based project management software. ...)
+ TODO: check
+CVE-2026-31961 (Quill provides simple mac binary signing and notarization from any pla ...)
+ TODO: check
+CVE-2026-31960 (Quill provides simple mac binary signing and notarization from any pla ...)
+ TODO: check
+CVE-2026-31959 (Quill provides simple mac binary signing and notarization from any pla ...)
+ TODO: check
+CVE-2026-31958 (Tornado is a Python web framework and asynchronous networking library. ...)
+ TODO: check
+CVE-2026-31957 (Himmelblau is an interoperability suite for Microsoft Azure Entra ID a ...)
+ TODO: check
+CVE-2026-31954 (Emlog is an open source website building system. In 2.6.6 and earlier, ...)
+ TODO: check
+CVE-2026-31901 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31900 (Black is the uncompromising Python code formatter. Black provides a Gi ...)
+ TODO: check
+CVE-2026-31896 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
+ TODO: check
+CVE-2026-31895 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
+ TODO: check
+CVE-2026-31894 (WeGIA is a web manager for charitable institutions. In 3.6.5, The patc ...)
+ TODO: check
+CVE-2026-31892 (Argo Workflows is an open source container-native workflow engine for ...)
+ TODO: check
+CVE-2026-31889 (Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, ...)
+ TODO: check
+CVE-2026-31888 (Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, ...)
+ TODO: check
+CVE-2026-31887 (Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, ...)
+ TODO: check
+CVE-2026-31881 (Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unau ...)
+ TODO: check
+CVE-2026-31879 (Frappe is a full-stack web application framework. Prior to 14.100.2, 1 ...)
+ TODO: check
+CVE-2026-31878 (Frappe is a full-stack web application framework. Prior to 14.100.1, 1 ...)
+ TODO: check
+CVE-2026-31877 (Frappe is a full-stack web application framework. Prior to 15.84.0 and ...)
+ TODO: check
+CVE-2026-31876 (Notesnook is a note-taking app focused on user privacy & ease of use. ...)
+ TODO: check
+CVE-2026-31875 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31874 (Taskosaur is an open source project management platform with conversat ...)
+ TODO: check
+CVE-2026-31872 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31871 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31870 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
+ TODO: check
+CVE-2026-31868 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31867 (Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.11.0 ...)
+ TODO: check
+CVE-2026-31866 (flagd is a feature flag daemon with a Unix philosophy. Prior to 0.14.2 ...)
+ TODO: check
+CVE-2026-31863 (Anytype Heart is the middleware library for Anytype. The challenge-bas ...)
+ TODO: check
+CVE-2026-31862 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude C ...)
+ TODO: check
+CVE-2026-31861 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude C ...)
+ TODO: check
+CVE-2026-31859 (Craft is a content management system (CMS). The fix for CVE-2025-35939 ...)
+ TODO: check
+CVE-2026-31858 (Craft is a content management system (CMS). The ElementSearchControlle ...)
+ TODO: check
+CVE-2026-31857 (Craft is a content management system (CMS). Prior to 5.9.9 and 4.17.4, ...)
+ TODO: check
+CVE-2026-31856 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31854 (Cursor is a code editor built for programming with AI. Prior to 2.0 ,i ...)
+ TODO: check
+CVE-2026-31853 (ImageMagick is free and open-source software used for editing and mani ...)
+ TODO: check
+CVE-2026-31852 (Jellyfin is an open-source media system. The code-quality.yml GitHub A ...)
+ TODO: check
+CVE-2026-31840 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
+CVE-2026-31839 (Striae is a firearms examiner's comparison companion. A high-severity ...)
+ TODO: check
+CVE-2026-31813 (Supabase Auth is a JWT based API for managing users and issuing JWT to ...)
+ TODO: check
+CVE-2026-30903 (External Control of File Name or Path in the Mail feature of Zoom Work ...)
+ TODO: check
+CVE-2026-30902 (Improper Privilege Management in certain Zoom Clients for Windows may ...)
+ TODO: check
+CVE-2026-30901 (Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Ki ...)
+ TODO: check
+CVE-2026-30900 (Improper Check of minimum version in update functionality of certain Z ...)
+ TODO: check
+CVE-2026-30868 (OPNsense is a FreeBSD based firewall and routing platform. Prior to 26 ...)
+ TODO: check
+CVE-2026-30741 (A remote code execution (RCE) vulnerability in OpenClaw Agent Platform ...)
+ TODO: check
+CVE-2026-30239 (OpenProject is an open-source, web-based project management software. ...)
+ TODO: check
+CVE-2026-30236 (OpenProject is an open-source, web-based project management software. ...)
+ TODO: check
+CVE-2026-30235 (OpenProject is an open-source, web-based project management software. ...)
+ TODO: check
+CVE-2026-30234 (OpenProject is an open-source, web-based project management software. ...)
+ TODO: check
+CVE-2026-30226 (Svelte devalue is a JavaScript library that serializes values into str ...)
+ TODO: check
+CVE-2026-29777 (Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.10, A ...)
+ TODO: check
+CVE-2026-28803 (Open Forms allows users create and publish smart forms. Prior to 3.3.1 ...)
+ TODO: check
+CVE-2026-28229 (Argo Workflows is an open source container-native workflow engine for ...)
+ TODO: check
+CVE-2026-27897 (Vociferous provides cross-platform, offline speech-to-text with local ...)
+ TODO: check
+CVE-2026-27703 (RIOT is an open-source microcontroller operating system, designed to m ...)
+ TODO: check
+CVE-2026-27478 (Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4. ...)
+ TODO: check
+CVE-2026-24510 (Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, con ...)
+ TODO: check
+CVE-2026-24509 (Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, con ...)
+ TODO: check
+CVE-2026-24508 (Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, con ...)
+ TODO: check
+CVE-2026-22248 (GLPI is an open-source asset and IT management software package that p ...)
+ TODO: check
+CVE-2026-21888 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. ...)
+ TODO: check
+CVE-2026-20166 (In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Clou ...)
+ TODO: check
+CVE-2026-20165 (In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, ...)
+ TODO: check
+CVE-2026-20164 (In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, ...)
+ TODO: check
+CVE-2026-20163 (In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, ...)
+ TODO: check
+CVE-2026-20162 (In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, ...)
+ TODO: check
+CVE-2026-20118 (A vulnerability in the handling of an Egress Packet Network Interface ...)
+ TODO: check
+CVE-2026-20117 (A vulnerability in the web-based management interface of Cisco Unified ...)
+ TODO: check
+CVE-2026-20116 (A vulnerability in the web-based management interface of Cisco F ...)
+ TODO: check
+CVE-2026-20074 (A vulnerability in the Intermediate System-to-Intermediate System (IS- ...)
+ TODO: check
+CVE-2026-20046 (A vulnerability in task group assignment for a specific CLI command in ...)
+ TODO: check
+CVE-2026-20040 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
+ TODO: check
+CVE-2026-1993 (The ExactMetrics \u2013 Google Analytics Dashboard for WordPress plugi ...)
+ TODO: check
+CVE-2026-1992 (The ExactMetrics \u2013 Google Analytics Dashboard for WordPress plugi ...)
+ TODO: check
+CVE-2026-1732 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-1663 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-1524 (An edgecase in SSO implementation in Neo4j Enterprise edition versions ...)
+ TODO: check
+CVE-2026-1497 (Incorrect resolving of namespaces in composite databases in Neo4j Ente ...)
+ TODO: check
+CVE-2026-1471 (Excessive caching of authentication context in Neo4j Enterprise editio ...)
+ TODO: check
+CVE-2026-1454 (The Responsive Contact Form Builder & Lead Generation Plugin plugin fo ...)
+ TODO: check
+CVE-2026-1230 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-1090 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-1069 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-0602 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-0231 (An information disclosure vulnerability inPalo Alto Networks Cortex XD ...)
+ TODO: check
+CVE-2026-0230 (A problem with a protection mechanism in the Palo Alto Networks Cortex ...)
+ TODO: check
+CVE-2025-70330 (Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handl ...)
+ TODO: check
+CVE-2025-70082 (An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to exec ...)
+ TODO: check
+CVE-2025-70027 (An issue pertaining to CWE-918: Server-Side Request Forgery was discov ...)
+ TODO: check
+CVE-2025-68623 (In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low ...)
+ TODO: check
+CVE-2025-67298 (An issue in ClasroomIO before v.0.2.6 allows a remote attacker to esca ...)
+ TODO: check
+CVE-2025-67041 (An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host par ...)
+ TODO: check
+CVE-2025-67039 (An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authenti ...)
+ TODO: check
+CVE-2025-67038 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC m ...)
+ TODO: check
+CVE-2025-67037 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticat ...)
+ TODO: check
+CVE-2025-67036 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info p ...)
+ TODO: check
+CVE-2025-67035 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client ...)
+ TODO: check
+CVE-2025-67034 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticat ...)
+ TODO: check
+CVE-2025-14513 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-13929 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-13690 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-12704 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2025-12697 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-12690 (Execution with unnecessary privileges in Forcepoint NGFW Engine allows ...)
+ TODO: check
+CVE-2025-12576 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-12555 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2019-25487 (SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerabili ...)
+ TODO: check
+CVE-2019-25486 (Varient 1.6.1 contains an SQL injection vulnerability that allows unau ...)
+ TODO: check
+CVE-2019-25485 (R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the ...)
+ TODO: check
+CVE-2019-25484 (WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in th ...)
+ TODO: check
+CVE-2019-25483 (Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restrict ...)
+ TODO: check
+CVE-2019-25480 (ARMBot contains an unrestricted file upload vulnerability in upload.ph ...)
+ TODO: check
+CVE-2019-25478 (GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerabi ...)
+ TODO: check
+CVE-2019-25477 (RAR Password Recovery 1.80 contains a buffer overflow vulnerability th ...)
+ TODO: check
+CVE-2019-25476 (Outlook Password Recovery 2.10 contains a buffer overflow vulnerabilit ...)
+ TODO: check
+CVE-2019-25475 (SQL Server Password Changer 1.90 contains a buffer overflow vulnerabil ...)
+ TODO: check
+CVE-2019-25474 (Easy MP3 Downloader 4.7.8.8 contains a buffer overflow vulnerability t ...)
+ TODO: check
+CVE-2019-25472 (IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated a ...)
+ TODO: check
+CVE-2019-25471 (FileThingie 2.5.7 contains an arbitrary file upload vulnerability that ...)
+ TODO: check
+CVE-2019-25470 (eWON Firmware versions 12.2 to 13.0 contain an authentication bypass v ...)
+ TODO: check
+CVE-2019-25469 (Folder Lock 7.7.9 contains a buffer overflow vulnerability in the seri ...)
+ TODO: check
+CVE-2019-25468 (NetGain EM Plus 10.1.68 contains a remote code execution vulnerability ...)
+ TODO: check
+CVE-2019-25467 (Verypdf docPrint Pro 8.0 contains a structured exception handling buff ...)
+ TODO: check
+CVE-2019-25466 (Easy File Sharing Web Server 7.2 contains a local structured exception ...)
+ TODO: check
+CVE-2019-25465 (Hisilicon HiIpcam V100R003 contains a directory traversal vulnerabilit ...)
+ TODO: check
+CVE-2019-25464 (InputMapper 1.6.10 contains a buffer overflow vulnerability in the use ...)
+ TODO: check
+CVE-2019-25463 (SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of ...)
+ TODO: check
+CVE-2018-25159 (Epross AVCON6 systems management platform contains an object-graph nav ...)
+ TODO: check
+CVE-2026-3904 (Calling NSS-backed functions that support caching via nscd may call th ...)
- glibc 2.36-9 (bug #1033931)
[bullseye] - glibc <not-affected> (Vulnerable code introduced later)
NOTE: https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2026-0004
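Review bot: the descriptions added for CVE-2026-1993 and CVE-2026-1992 contain a literal `\u2013` ("The ExactMetrics \u2013 Google Analytics Dashboard ..."), so the escape sequence is written into data/CVE/list instead of the dash it encodes. Decoding the description before it is truncated would keep the list readable and searchable. Separately, every entry added in this hunk is left at `TODO: check`, including the ones naming libheif (CVE-2026-3950, CVE-2026-3949), ImageMagick (CVE-2026-31853) and Tornado (CVE-2026-31958); each needs resolving to a package line or a NOT-FOR-US entry like those further down the file. The CVE-2026-3904 change only swaps the bracketed placeholder for the parenthesized description and leaves the glibc lines untouched.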
@@ -372,7 +692,7 @@ CVE-2024-14025 (An SQL injection vulnerability has been reported to affect Video
NOT-FOR-US: QNAP
CVE-2024-14024 (An improper certificate validation vulnerability has been reported to ...)
NOT-FOR-US: QNAP
-CVE-2026-3805
+CVE-2026-3805 (When doing a second SMB request to the same host again, curl would wro ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <not-affected> (Vulnerable code introduced later)
@@ -380,21 +700,21 @@ CVE-2026-3805
NOTE: https://curl.se/docs/CVE-2026-3805.html
NOTE: Introduced with: https://github.com/curl/curl/commit/f4831daa9b2a97e8a2921d6b62cc4dfdd0d8646e (curl-8_13_0)
NOTE: Fixed by: https://github.com/curl/curl/commit/e090be9f73a7a71459ef678c7cc4b1f75e3ea883 (curl-8_19_0)
-CVE-2026-3784
+CVE-2026-3784 (curl would wrongly reuse an existing HTTP proxy connection doing CONNE ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
NOTE: https://curl.se/docs/CVE-2026-3784.html
NOTE: Introduced with: https://github.com/curl/curl/commit/a1d6ad26100bc493c7b04f1301b1634b7f5aa8b4 (curl-7_7_alpha2)
NOTE: Fixed by: https://github.com/curl/curl/commit/5f13a7645e565c5c1a06f3ef86e97afb856fb364 (curl-8_19_0)
-CVE-2026-3783
+CVE-2026-3783 (When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
NOTE: https://curl.se/docs/CVE-2026-3783.html
NOTE: Introduced with: https://github.com/curl/curl/commit/06c1bea72faabb6fad4b7ef818aafaa336c9a7aa (curl-7_33_0)
NOTE: Fixed by: https://github.com/curl/curl/commit/e3d7401a32a46516c9e5ee877e613e62ed35bddc (curl-8_19_0)
-CVE-2026-1965
+CVE-2026-1965 (libcurl can in some circumstances reuse the wrong connection when aske ...)
- curl 8.19.0~rc3-1
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
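Review bot: CVE-2026-3784 and CVE-2026-3783 stay at `- curl <unfixed>` although their notes name fix commits tagged curl-8_19_0, while CVE-2026-1965 directly below is recorded as fixed in `curl 8.19.0~rc3-1`. If that upload already contains the two fix commits, the unfixed lines should carry the same version; if it does not, a NOTE saying so would explain the difference. The same question applies to CVE-2026-3805, whose notes at the top of this hunk also point to curl-8_19_0.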
@@ -4050,7 +4370,7 @@ CVE-2026-3441
- binutils <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443826
NOTE: binutils not covered by security support
-CVE-2026-3429
+CVE-2026-3429 (A flaw was identified in the Account REST API of Keycloak that allows ...)
- keycloak <itp> (bug #1088287)
CVE-2026-3432 (On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endp ...)
NOT-FOR-US: SimStudio
@@ -16634,7 +16954,7 @@ CVE-2025-9226 (Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils ve
NOT-FOR-US: Zoho
CVE-2025-7964 (After receiving a malformed 802.15.4 MAC Data Request the Zigbee C ...)
NOT-FOR-US: Silicon Labs
-CVE-2025-6723 (Chef InSpec up to version 5.23 creates named pipes with overly permiss ...)
+CVE-2025-6723 (Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes ...)
NOT-FOR-US: Progress Software
CVE-2025-69662 (SQL injection vulnerability in geopandas before v.1.1.2 allows an atta ...)
- python-geopandas 1.1.2-1
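Review bot: the new description for CVE-2025-6723, "versions up to 5.23 and before 7.0.107", is ambiguous about whether it names one range or two separate release branches. The entry stays `NOT-FOR-US: Progress Software`, so no package status depends on it, but the wording is worth checking against the CVE record if this entry is revisited.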
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e1555b3ad1324962a69fa3d02c953396aa4e79