Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1fb83f3 by Moritz Muehlenhoff at 2025-07-15T11:54:40+02:00
new ruby issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -512,7 +512,13 @@ CVE-2025-53871
CVE-2025-53636 (Open OnDemand is an open-source HPC portal. Users can flood
logs by in ...)
NOT-FOR-US: Open OnDemand
CVE-2025-24294 (The attack vector is a potential Denial of Service (DoS). The
vulnerab ...)
- TODO: check
+ - ruby3.3 <unfixed>
+ - ruby3.1 <removed>
+ - ruby2.7 <removed>
+ NOTE:
https://www.ruby-lang.org/en/news/2025/07/08/dos-resolv-cve-2025-24294/
+ NOTE:
https://github.com/ruby/resolv/commit/4c2f71b5e80826506f78417d85b38481c058fb25
(v0.6.2)
+ NOTE:
https://github.com/ruby/resolv/commit/24ed513f028d8e5c76310fcdecf07f79eb721a32
(v0.3.1)
+ NOTE:
https://github.com/ruby/resolv/commit/cde34cac9d87c37b33c19eede3ed49ac3f465a18
(v0.2.3)
CVE-2025-1313 (The Nokri - Job Board WordPress Theme theme for WordPress is
vulnerabl ...)
NOT-FOR-US: WordPress plugin
CVE-2024-38648 (A hardcoded secret in Ivanti DSM before 2024.2 allows an
authenticated ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1fb83f31b04a64f513a897760581c1265f2ecd2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1fb83f31b04a64f513a897760581c1265f2ecd2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
