Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e6ce76c7 by Moritz Mühlenhoff at 2025-05-02T15:48:15+02:00
more RUSTSEC assignments for wasmtime
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65342,7 +65342,8 @@ CVE-2024-47816 (ImportDump is a mediawiki extension
designed to automate user im
CVE-2024-47815 (IncidentReporting is a MediaWiki extension for moving incident
reports ...)
NOT-FOR-US: IncidentReporting MediaWiki extension
CVE-2024-47813 (Wasmtime is an open source runtime for WebAssembly. Under
certain conc ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime 21.0.2+dfsg-1
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0439.html
CVE-2024-47812 (ImportDump is an extension for mediawiki designed to automate
user imp ...)
NOT-FOR-US: ImportDump MediaWiki extension
CVE-2024-47780 (TYPO3 is a free and open source Content Management Framework.
Backend ...)
@@ -65350,7 +65351,8 @@ CVE-2024-47780 (TYPO3 is a free and open source Content
Management Framework. Ba
CVE-2024-47773 (Discourse is an open source platform for community discussion.
An atta ...)
NOT-FOR-US: Discourse
CVE-2024-47763 (Wasmtime is an open source runtime for WebAssembly. Wasmtime's
impleme ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime 21.0.2+dfsg-1
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0440.html
CVE-2024-47565 (A vulnerability has been identified in Siemens SINEC Security
Monitor ...)
NOT-FOR-US: Siemens
CVE-2024-47563 (A vulnerability has been identified in Siemens SINEC Security
Monitor ...)
@@ -118356,7 +118358,8 @@ CVE-2024-31207 (Vite (French word for "quick",
pronounced /vit/, like "veet") is
CVE-2024-30565 (An issue was discovered in SeaCMS version 12.9, allows remote
attacker ...)
NOT-FOR-US: SeaCMS
CVE-2024-30266 (wasmtime is a runtime for WebAssembly. The 19.0.0 release of
Wasmtime ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime 21.0.2+dfsg-1
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0441.html
CVE-2024-30263 (macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla
pdf.js. ...)
NOT-FOR-US: PDF Viewer Macro for XWiki
CVE-2024-30261 (Undici is an HTTP/1.1 client, written from scratch for
Node.js. An att ...)
@@ -234643,9 +234646,11 @@ CVE-2022-39396 (Parse Server is an open source
backend that can be deployed to a
CVE-2022-39395 (Vela is a Pipeline Automation (CI/CD) framework built on Linux
contain ...)
NOT-FOR-US: Vela
CVE-2022-39394 (Wasmtime is a standalone runtime for WebAssembly. Prior to
version 2.0 ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime <not-affected> (Fixed before initial upload to the
archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0097.html
CVE-2022-39393 (Wasmtime is a standalone runtime for WebAssembly. Prior to
version 2.0 ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime <not-affected> (Fixed before initial upload to the
archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0098.html
CVE-2022-39392 (Wasmtime is a standalone runtime for WebAssembly. Prior to
version 2.0 ...)
- rust-wasmtime <not-affected> (Fixed before initial upload to the
archive)
NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0102.html
@@ -257994,7 +257999,8 @@ CVE-2022-31106 (Underscore.deep is a collection of
Underscore mixins that operat
CVE-2022-31105 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
NOT-FOR-US: Argo CD
CVE-2022-31104 (Wasmtime is a standalone runtime for WebAssembly. In affected
versions ...)
- NOT-FOR-US: wasmtime
+ - rust-wasmtime <not-affected> (Fixed before initial upload to the
archive)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0095.html
CVE-2022-31103 (lettersanitizer is a DOM-based HTML email sanitizer for
in-browser ema ...)
NOT-FOR-US: Node lettersanitizer
CVE-2022-31102 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6ce76c77da3454fcf15ed05c11501cbef5871e9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6ce76c77da3454fcf15ed05c11501cbef5871e9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
