Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
32c1aa9e by Utkarsh Gupta at 2024-05-20T03:12:53+05:30
Mark CVE-2024-3817/*go-getter as not-affected for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10989,6 +10989,7 @@ CVE-2024-3825 (Versions of the BlazeMeter Jenkins
plugin prior to 4.22 contain a
NOT-FOR-US: Jenkins plugin
CVE-2024-3817 (HashiCorp\u2019s go-getter library is vulnerable to argument
injection ...)
- golang-github-hashicorp-go-getter <unfixed>
+ [buster] - golang-github-hashicorp-go-getter <not-affected> (Vulnerable
code not present)
NOTE:
https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040
CVE-2024-3333 (The Essential Addons for Elementor plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32c1aa9e41ec061d3420f0ac21425ddffccb72a2
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32c1aa9e41ec061d3420f0ac21425ddffccb72a2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
