Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f58f993a by Salvatore Bonaccorso at 2025-07-28T19:31:12+02:00
CVE-2024-58265/rust-snow assigned
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -151,8 +151,6 @@ CVE-2025-8242 (A vulnerability has been found in TOTOLINK
X15 1.0.0-B20230714.11
NOT-FOR-US: TOTOLINK
CVE-2025-8241 (A vulnerability, which was classified as critical, was found in
1000 P ...)
NOT-FOR-US: 1000 Projects ABC Courier Management System
-CVE-2024-58265 (The snow crate before 0.9.5 for Rust, when stateful
TransportState is ...)
- TODO: check
CVE-2024-58264 (The serde-json-wasm crate before 1.0.1 for Rust allows stack
consumpti ...)
TODO: check
CVE-2023-53161 (The buffered-reader crate before 1.1.5 for Rust allows
out-of-bounds a ...)
@@ -161944,7 +161942,7 @@ CVE-2023-37527 (A reflected cross-site scripting
(XSS) vulnerability in the Web
NOT-FOR-US: HCL
CVE-2023-32967 (An incorrect authorization vulnerability has been reported to
affect s ...)
NOT-FOR-US: QNAP
-CVE-2024-XXXX [GHSA-7g9j-g5jg-3vv3: Unauthenticated Nonce Increment in snow]
+CVE-2024-58265 [GHSA-7g9j-g5jg-3vv3: Unauthenticated Nonce Increment in snow]
- rust-snow 0.9.6-1 (bug #1062663)
NOTE:
https://github.com/mcginty/snow/security/advisories/GHSA-7g9j-g5jg-3vv3
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0011.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f58f993abc6245e7821eb33daa7c43a2e9584dc3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f58f993abc6245e7821eb33daa7c43a2e9584dc3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
