Skip to content

Commit 00ea776

Browse files
iamleotiamleot
committed
pkg-vulnerabilities: add last 24 hours CVEs
+ chromium, go, openvpn, pgbouncer, png python (fixed upstream / backport in progress / no stable release with fix) qt5-declarative (not fixed and seems the open source version EOL), qt6-declarative (backported, fix will be present in 6.10.2 once released), webkit-gtk (no further details available in references, assume not fixed)
1 parent 7afa8e9 commit 00ea776

1 file changed

Lines changed: 15 additions & 1 deletion

File tree

doc/pkg-vulnerabilities

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# $NetBSD: pkg-vulnerabilities,v 1.677 2025/12/03 10:36:26 leot Exp $
1+
# $NetBSD: pkg-vulnerabilities,v 1.678 2025/12/04 10:03:25 leot Exp $
22
#
33
#FORMAT 1.0.0
44
#
@@ -29041,3 +29041,17 @@ py{27,39,310,311,312,313,314}-django<4.2.27 denial-of-service https://nvd.nist.g
2904129041
py{27,39,310,311,312,313,314}-django>=5<5.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64460
2904229042
wireshark<4.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13945
2904329043
wireshark<4.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13946
29044+
chromium<139.0.7258.66 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-13992
29045+
go124<1.24.11 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61727
29046+
go125<1.25.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61727
29047+
openvpn<2.6.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13086
29048+
pgbouncer<1.25.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-12819
29049+
png<1.6.52 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-66293
29050+
python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084
29051+
python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084
29052+
python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084
29053+
python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084
29054+
python314-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084
29055+
qt5-qtdeclarative-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12385
29056+
qt6-qtdeclarative<6.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12385
29057+
webkit-gtk-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-13947

0 commit comments

Comments
 (0)