Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4d7d25c9 by Salvatore Bonaccorso at 2024-02-25T21:31:08+01:00 Add CVE-2024-21501/node-sanitize-html - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -143,7 +143,12 @@ CVE-2024-22395 (Improper access control vulnerability has been identified in the CVE-2024-21502 (Versions of the package fastecdsa before 2.3.2 are vulnerable to Use o ...) NOT-FOR-US: fastecdsa CVE-2024-21501 (Versions of the package sanitize-html before 2.12.1 are vulnerable to ...) - TODO: check + - node-sanitize-html <unfixed> + NOTE: https://github.com/apostrophecms/sanitize-html/pull/650 + NOTE: https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf + NOTE: https://github.com/apostrophecms/apostrophe/discussions/4436 + NOTE: https://github.com/apostrophecms/sanitize-html/commit/075499d1b98c387f4200fd59972ca9b15796b51b (2.12.1) + NOTE: https://github.com/apostrophecms/sanitize-html/commit/1e2294c8001ce07c89448e03289818da631795ba (2.12.1) CVE-2024-21423 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) NOT-FOR-US: Microsoft CVE-2024-1810 (The Archivist \u2013 Custom Archive Templates plugin for WordPress is ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d7d25c99a296c4c3337fad73ef29e9f63a88cdf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d7d25c99a296c4c3337fad73ef29e9f63a88cdf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits