Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0e637032 by security tracker role at 2024-07-07T20:12:10+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,7 @@ +CVE-2024-6229 (A stored cross-site scripting (XSS) vulnerability exists in the 'Uploa ...) + TODO: check +CVE-2024-40614 (EGroupware before 23.1.20240624 mishandles an ORDER BY clause.) + TODO: check CVE-2024-40605 (An issue was discovered in the Foreground skin for MediaWiki through 1 ...) NOT-FOR-US: Foreground skin for MediaWiki CVE-2024-40604 (An issue was discovered in the Nimbus skin for MediaWiki through 1.42. ...) @@ -27200,7 +27204,7 @@ CVE-2023-52144 (Improper Limitation of a Pathname to a Restricted Directory ('Pa NOT-FOR-US: WordPress plugin CVE-2024-3508 (A flaw was found in Bombastic, which allows authenticated users to upl ...) NOT-FOR-US: Bombastic's use of bzip2 -CVE-2024-3651 [potential DoS via resource consumption via specially crafted inputs to idna.encode()] +CVE-2024-3651 (A vulnerability was identified in the kjd/idna library, specifically w ...) {DLA-3811-1} - python-idna 3.6-2.1 (bug #1069127) [bookworm] - python-idna 3.3-1+deb12u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e637032c4cb9ecd269e58c326012549f868adb2 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e637032c4cb9ecd269e58c326012549f868adb2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits