Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c333b87d by Moritz Muehlenhoff at 2024-02-09T14:44:27+01:00 new python-multipart issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -921,7 +921,11 @@ CVE-2023-32451 (Dell Display Manager application, version 2.1.1.17, contains a v CVE-2024-24768 (1Panel is an open source Linux server operation and maintenance manage ...) NOT-FOR-US: 1Panel CVE-2024-24762 (FastAPI is a web framework for building APIs with Python 3.8+ based on ...) - TODO: check + - python-multipart <unfixed> + NOTE: Original report at fastapi: https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389 + NOTE: But the fix is within python-multipart: + NOTE: https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4 + NOTE: https://github.com/Kludex/python-multipart/pull/75 CVE-2024-24469 (Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows ...) NOT-FOR-US: flusity-CMS CVE-2024-24468 (Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c333b87de1ef9112ecdaf08effcdfad9ff527057 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c333b87de1ef9112ecdaf08effcdfad9ff527057 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits