[Git][security-tracker-team/security-tracker][master] Add new roundcube issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 5 13:05:58 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0bbb75dc by Salvatore Bonaccorso at 2024-08-05T14:05:08+02:00
Add new roundcube issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,12 @@
+CVE-2024-42010 [information leak (access to remote content) via insufficient CSS filtering]
+ - roundcube 1.6.8+dfsg-1 (bug #1077969)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/602d0f566eb39b6dcb739ad78323ec434a3b92ce
+CVE-2024-42009 [XSS vulnerability in post-processing of sanitized HTML content]
+ - roundcube 1.6.8+dfsg-1 (bug #1077969)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/68af7c864a36e1941764238dac440ab0d99a8d26
+CVE-2024-42008 [XSS vulnerability in serving of attachments other than HTML or SVG]
+ - roundcube 1.6.8+dfsg-1 (bug #1077969)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/89c8fe9ae9318c015807fbcbf7e39555fb30885d
CVE-2024-7470 (A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and M ...)
NOT-FOR-US: Raisecom
CVE-2024-7469 (A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and M ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bbb75dc43baece7df3ad1bf9ec69aa441eb29aa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bbb75dc43baece7df3ad1bf9ec69aa441eb29aa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240805/91e18930/attachment.htm>
More information about the debian-security-tracker-commits
mailing list