Diffstat (limited to 'security/vuxml/vuln/2025.xml')
-rw-r--r-- security/vuxml/vuln/2025.xml 183
1 files changed, 182 insertions, 1 deletions
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index 26f3e80ef485..14393c4e4738 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,3 +1,184 @@
+ <vuln vid="45eb98d6-3b13-11f0-97f7-b42e991fc52e">
+ <topic>grafana -- XSS vulnerability</topic>
+ <affects>
+ <package>
+ <name>grafana</name>
+ <range><lt>12.0.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>security@grafana.com reports:</p>
+ <blockquote cite="https://grafana.com/security/security-advisories/cve-2025-4123/">
+ <p>A cross-site scripting (XSS) vulnerability exists in Grafana caused
+ by combining a client path traversal and open redirect. This allows
+ attackers to redirect users to a website that hosts a frontend
+ plugin that will execute arbitrary JavaScript. This vulnerability
+ does not require editor permissions and if anonymous access is
+ enabled, the XSS will work. If the Grafana Image Renderer plugin
+ is installed, it is possible to exploit the open redirect to achieve
+ a full read SSRF.
+
+ The default Content-Security-Policy (CSP) in Grafana will block the
+ XSS though the `connect-src` directive.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-4123</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-4123</url>
+ </references>
+ <dates>
+ <discovery>2025-05-22</discovery>
+ <entry>2025-05-27</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="e587b52d-38ac-11f0-b7b6-dcfe074bd614">
+ <topic>cpython -- Use-after-free in &quot;unicode_escape&quot; decoder with error handler</topic>
+ <affects>
+ <package>
+ <name>python39</name>
+ <range><lt>3.9.22_1</lt></range>
+ </package>
+ <package>
+ <name>python310</name>
+ <range><lt>3.10.17_1</lt></range>
+ </package>
+ <package>
+ <name>python311</name>
+ <range><lt>3.11.12_1</lt></range>
+ </package>
+ <package>
+ <name>python312</name>
+ <range><lt>3.12.10_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>cna@python.org reports:</p>
+ <blockquote cite="https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142">
+ <p>There is an issue in CPython when using
+ `bytes.decode(&quot;unicode_escape&quot;,
+ error=&quot;ignore|replace&quot;)`. If you are not using the
+ &quot;unicode_escape&quot; encoding or an error handler your
+ usage is not affected. To work-around this issue you may stop
+ using the error= handler and instead wrap the bytes.decode()
+ call in a try-except catching the DecodeError.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-4516</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-4516</url>
+ </references>
+ <dates>
+ <discovery>2025-05-15</discovery>
+ <entry>2025-05-24</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="5baa64d6-37ee-11f0-a116-8447094a420f">
+ <topic>OpenSSL -- Inverted security logic in x509 app</topic>
+ <affects>
+ <package>
+ <name>openssl35</name>
+ <range><lt>3.5.0_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The OpenSSL project reports:</p>
+ <blockquote cite="https://openssl-library.org/news/secadv/20250522.txt">
+ <p>The x509 application adds trusted use instead of rejected use (low)</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-4575</cvename>
+ <url>https://openssl-library.org/news/secadv/20250522.txt</url>
+ </references>
+ <dates>
+ <discovery>2025-05-23</discovery>
+ <entry>2025-05-23</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="6529e5e7-36d5-11f0-8f57-b42e991fc52e">
+ <topic>Firefox -- memory corruption due to race condition</topic>
+ <affects>
+ <package>
+ <name>firefox</name>
+ <range><lt>137.0.2,2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>security@mozilla.org reports:</p>
+ <blockquote cite="https://bugzilla.mozilla.org/show_bug.cgi?id=1951554">
+ <p>A race condition existed in nsHttpTransaction that could
+ have been exploited to cause memory corruption, potentially
+ leading to an exploitable condition.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-3608</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-3608</url>
+ </references>
+ <dates>
+ <discovery>2025-04-15</discovery>
+ <entry>2025-05-22</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="a1a1b0c2-3791-11f0-8600-2cf05da270f3">
+ <topic>Gitlab -- vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>gitlab-ce</name>
+ <name>gitlab-ee</name>
+ <range><ge>18.0.0</ge><lt>18.0.1</lt></range>
+ <range><ge>17.11.0</ge><lt>17.11.3</lt></range>
+ <range><ge>10.2.0</ge><lt>17.10.7</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Gitlab reports:</p>
+ <blockquote cite="https://about.gitlab.com/releases/2025/05/21/patch-release-gitlab-18-0-1-released/">
+ <p>Unprotected large blob endpoint in GitLab allows Denial of Service</p>
+ <p>Improper XPath validation allows modified SAML response to bypass 2FA requirement</p>
+ <p>A Discord webhook integration may cause DoS</p>
+ <p>Unbounded Kubernetes cluster tokens may lead to DoS</p>
+ <p>Unvalidated notes position may lead to Denial of Service</p>
+ <p>Hidden/masked variables may get exposed in the UI</p>
+ <p>Two-factor authentication requirement bypass</p>
+ <p>View full email addresses that should be partially obscured</p>
+ <p>Branch name confusion in confidential MRs</p>
+ <p>Unauthorized access to job data via a GraphQL query</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-0993</cvename>
+ <cvename>CVE-2024-12093</cvename>
+ <cvename>CVE-2024-7803</cvename>
+ <cvename>CVE-2025-3111</cvename>
+ <cvename>CVE-2025-2853</cvename>
+ <cvename>CVE-2025-4979</cvename>
+ <cvename>CVE-2025-0605</cvename>
+ <cvename>CVE-2025-0679</cvename>
+ <cvename>CVE-2024-9163</cvename>
+ <cvename>CVE-2025-1110</cvename>
+ <url>https://about.gitlab.com/releases/2025/05/21/patch-release-gitlab-18-0-1-released/</url>
+ </references>
+ <dates>
+ <discovery>2025-05-21</discovery>
+ <entry>2025-05-23</entry>
+ </dates>
+ </vuln>
+
<vuln vid="4abd86c1-366d-11f0-9c0c-000c29ffbb6c">
<topic>screen -- multiple vulnerabilities</topic>
<affects>
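Review bot: In the OpenSSL entry (vid 5baa64d6-37ee-11f0-a116-8447094a420f), `<discovery>2025-05-23</discovery>` is one day later than the advisory it cites, secadv/20250522.txt, so the discovery date looks like it should be 2025-05-22 with `<entry>` left at 2025-05-23. Separately, the Grafana blockquote carries two paragraphs inside a single `<p>`, separated only by an empty added line; moving the Content-Security-Policy sentence into its own `<p>` would make it render as a paragraph. The grafana, cpython and Firefox entries also name a vendor advisory, commit or bug URL in `blockquote cite=` but list only the NVD URL under `<references>`; adding the cited URL as a second `<url>` keeps the primary source reachable from the references.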
@@ -5431,7 +5612,7 @@
<affects>
<package>
<name>asterisk18</name>
- <range><lt>18.26.20</lt></range>
+ <range><lt>18.26.2</lt></range>
</package>
<package>
<name>asterisk20</name>
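Review bot: The asterisk18 upper bound in an existing entry changes from 18.26.20 to 18.26.2, but no `<modified>` date is added to that entry's `<dates>` block: the diffstat's 182 insertions and 1 deletion are fully accounted for by the new entries and this one line. Add or update `<modified>` with the commit date so consumers of the file can see that the entry changed. Lowering the bound also means asterisk18 versions from 18.26.2 upward are no longer flagged, which is worth confirming against the upstream fixed version before merging.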