[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Fri, 13 Sep 2024 11:08:49 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d095ecba by Moritz Muehlenhoff at 2024-09-13T20:07:55+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -369,7 +369,7 @@ CVE-2024-45824 (CVE-2024-45824 IMPACT    A remote code 
vulnerability exists in t
 CVE-2024-45823 (CVE-2024-45823 IMPACT    An authentication bypass 
vulnerability exists ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2024-45624 (Exposure of sensitive information due to incompatible policies 
issue e ...)
-       - pgpool2 <unfixed>
+       - pgpool2 <unfixed> (bug #1081659)
        NOTE: 
https://www.pgpool.net/mediawiki/index.php/Main_Page#Pgpool-II_4.5.4.2C_4.4.9.2C_4.3.12.2C_4.2.19_and_4.1.22_officially_released_.282024.2F09.2F09.29
 CVE-2024-45607 (whatsapp-api-js is a TypeScript server agnostic Whatsapp's 
Official AP ...)
        NOT-FOR-US: whatsapp-api-js
@@ -808,7 +808,7 @@ CVE-2024-45592 (auditor-bundle, formerly known as 
DoctrineAuditBundle, integrate
 CVE-2024-45591 (XWiki Platform is a generic wiki platform. The REST API 
exposes the hi ...)
        NOT-FOR-US: XWiki
 CVE-2024-45590 (body-parser is Node.js body parsing middleware. body-parser 
<1.20.3 is ...)
-       - node-body-parser <unfixed>
+       - node-body-parser <unfixed> (bug #1081657)
        NOTE: 
https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7
        NOTE: 
https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce
 (1.20.3)
 CVE-2024-45412 (Yeti bridges the gap between CTI and DFIR practitioners by 
providing a ...)
@@ -1264,7 +1264,7 @@ CVE-2024-45411 (Twig is a template language for PHP. 
Under some circumstances, t
 CVE-2024-45406 (Craft is a content management system (CMS). Craft CMS 5 stored 
XSS can ...)
        NOT-FOR-US: Craft CMS
 CVE-2024-45296 (path-to-regexp turns path strings into a regular expressions. 
In certa ...)
-       - node-path-to-regexp <unfixed>
+       - node-path-to-regexp <unfixed> (bug #1081656)
        NOTE: 
https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j
        NOTE: 
https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6
 (v8.0.0)
 CVE-2024-45041 (External Secrets Operator is a Kubernetes operator that 
integrates ext ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d095ecba274f893cc2b38866718d3688d56fd664

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d095ecba274f893cc2b38866718d3688d56fd664
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to