Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: e1badc6e by Moritz Muehlenhoff at 2025-01-23T09:15:46+01:00 phpmyadmin CVEfied - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,11 @@ CVE-2025-24530 (An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnera ...) - TODO: check + - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2025-1/ + NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7 (RELEASE_5_2_2) CVE-2025-24529 (An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnera ...) - TODO: check + - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 + NOTE: https://www.phpmyadmin.net/security/PMASA-2025-2/ + NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/7355ddff8d1da9453cf43c09a45666157b16103d (RELEASE_5_2_2) CVE-2025-24030 (Envoy Gateway is an open source project for managing Envoy Proxy as a ...) TODO: check CVE-2024-57724 (lunasvg v3.0.0 was discovered to contain a segmentation violation via ...) @@ -733,14 +737,6 @@ CVE-2025-0411 [7-Zip Mark-of-the-Web Bypass Vulnerability] NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source package NOTE: depending on 7zip. Mark this version as fixed version. NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-045/ -CVE-2025-XXXX [PMASA-2025-2: XSS on Insert page] - - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 - NOTE: https://www.phpmyadmin.net/security/PMASA-2025-2/ - NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/7355ddff8d1da9453cf43c09a45666157b16103d (RELEASE_5_2_2) -CVE-2025-XXXX [PMASA-2025-1: XSS when checking tables] - - phpmyadmin 4:5.2.2-really5.2.2+20250121+dfsg-1 - NOTE: https://www.phpmyadmin.net/security/PMASA-2025-1/ - NOTE: Fixed by: https://github.com/phpmyadmin/phpmyadmin/commit/23c13a81709728089ff031e5b1c29b5e91baa6a7 (RELEASE_5_2_2) CVE-2025-23085 [GOAWAY HTTP/2 frames cause memory leak outside heap] - nodejs <unfixed> NOTE: https://nodejs.org/en/blog/vulnerability/january-2025-security-releases#goaway-http2-frames-cause-memory-leak-outside-heap-cve-2025-23085---medium View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1badc6e12ad30b48b89f2d368dff6f4d274beaf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1badc6e12ad30b48b89f2d368dff6f4d274beaf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
