| Date | 2025-10-22 |
| Severity | |
| Affected | Current LTS version 5.1, < 5.1.3; Legacy version 4.5, < 4.5.7 |
| Fixed in | 5.1.3; 4.5.7 |
| CVE |
Problem
Impact assessment
Solution
- Update to BlueSpice 5.1.3
- Update to BlueSpice 4.5.7
False positives in 4.5.7 audit
Audit tools may detect
CVE-2025-53625 and CVE-2025-59839 in builds of 4.5.7. This is because there are no fixed compatible versions of the affected components available. The versions bundled with the 4.5.7 release do contain the neccessary fixes for those issues as backports. It is just their version numbers are not known to be fixed by the vulnerability databases.
Acknowledgements
Reported by various community members
