Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 75fa9b4a by Salvatore Bonaccorso at 2024-04-26T15:48:53+02:00 Add two new issues in python-jose - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -44,9 +44,12 @@ CVE-2024-33666 (An issue was discovered in Zammad before 6.3.0. Users with custo CVE-2024-33665 (angular-translate through 2.19.1 allows XSS via a crafted key that is ...) TODO: check CVE-2024-33664 (python-jose through 3.3.0 allows attackers to cause a denial of servic ...) - TODO: check + - python-jose <unfixed> + NOTE: https://github.com/mpdavis/python-jose/issues/344 + NOTE: https://github.com/mpdavis/python-jose/pull/345 CVE-2024-33663 (python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA k ...) - TODO: check + - python-jose <unfixed> + NOTE: https://github.com/mpdavis/python-jose/issues/346 CVE-2024-33661 (Portainer before 2.20.0 allows redirects when the target is not index. ...) NOT-FOR-US: Portainer CVE-2024-33651 (Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gi ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fa9b4a4328066ab1e8e1296ca9cfecfaeb6a69 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fa9b4a4328066ab1e8e1296ca9cfecfaeb6a69 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits