Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7c62bd43 by Moritz Muehlenhoff at 2025-03-11T13:57:40+01:00
new php-laravel-framework issues
- - - - -
01530395 by Moritz Muehlenhoff at 2025-03-11T13:58:15+01:00
rear fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -294,9 +294,15 @@ CVE-2024-44192 (The issue was addressed with improved
checks. This issue is fixe
CVE-2024-44179 (This issue was addressed by restricting options offered on a
locked de ...)
NOT-FOR-US: Apple
CVE-2024-13919 (The Laravel framework versions between 11.9.0 and 11.35.1 are
suscepti ...)
- TODO: check
+ [experimental] - php-laravel-framework 11.44.0-1
+ - php-laravel-framework <unfixed>
+ NOTE:
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-02_Laravel_Reflected_XSS_via_Route_Parameter_in_Debug-Mode_Error_Page
+ NOTE:
https://github.com/laravel/framework/commit/45287fb2a91c69bb1c110539b9b7341faf5aee33
(v11.36.0)
CVE-2024-13918 (The Laravel framework versions between 11.9.0 and 11.35.1 are
suscepti ...)
- TODO: check
+ [experimental] - php-laravel-framework 11.44.0-1
+ - php-laravel-framework <unfixed>
+ NOTE:
https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20241209-01_Laravel_Reflected_XSS_via_Request_Parameter_in_Debug-Mode_Error_Page
+ NOTE:
https://github.com/laravel/framework/commit/45287fb2a91c69bb1c110539b9b7341faf5aee33
(v11.36.0)
CVE-2024-12604 (Cleartext Storage of Sensitive Information in an Environment
Variable, ...)
NOT-FOR-US: Tapandsign Technologies Tap&Sign App
CVE-2022-48610 (This issue was addressed through improved state management.
This issue ...)
@@ -120955,7 +120961,7 @@ CVE-2024-0481 (A vulnerability was found in Taokeyun
up to 1.0.5. It has been ra
NOT-FOR-US: Taokeyun
CVE-2024-23301 (Relax-and-Recover (aka ReaR) through 2.7 creates a
world-readable init ...)
{DLA-3733-1}
- - rear <unfixed> (bug #1060747)
+ - rear 2.7+dfsg-1.2 (bug #1060747)
[bookworm] - rear <no-dsa> (Minor issue)
[bullseye] - rear <no-dsa> (Minor issue)
NOTE: https://github.com/rear/rear/issues/3122
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5d7dd0fc3386954d4fff440b98c4a045643a8336...0153039586d05e28934d68018ef332f21ca1d171
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5d7dd0fc3386954d4fff440b98c4a045643a8336...0153039586d05e28934d68018ef332f21ca1d171
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
