[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68971/forgejo, itp'ed
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 16 22:00:47 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b173e50c by Salvatore Bonaccorso at 2026-03-16T22:59:19+01:00
Add CVE-2025-68971/forgejo, itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -219,7 +219,7 @@ CVE-2025-69236 (Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value
CVE-2025-69196 (FastMCP is the standard framework for building MCP applications. Prior ...)
NOT-FOR-US: FastMCP
CVE-2025-68971 (In Forgejo through 13.0.3, the attachment component allows a denial of ...)
- TODO: check
+ - forgejo <itp> (bug #1058932)
CVE-2025-66687 (Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to miss ...)
NOT-FOR-US: Doom Launcher
CVE-2025-65734 (An authenticated arbitrary file upload vulnerability in the Courses/Wo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b173e50c1237386b38ac2b77e7cd2ff10e0580ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b173e50c1237386b38ac2b77e7cd2ff10e0580ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260316/58f4464d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list