[Git][security-tracker-team/security-tracker][master] Add CVE-2024-43788/node-webpack

Wed Aug 28 07:35:21 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6648193b by Salvatore Bonaccorso at 2024-08-28T08:34:32+02:00
Add CVE-2024-43788/node-webpack

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68,7 +68,9 @@ CVE-2024-44341 (D-Link DIR-846W A1 FW100A43 was discovered to contain a remote c
 CVE-2024-44340 (D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command ...)
 	NOT-FOR-US: D-Link
 CVE-2024-43788 (Webpack is a module bundler. Its main purpose is to bundle JavaScript  ...)
-	TODO: check
+	- node-webpack <unfixed>
+	NOTE: https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986
+	NOTE: Fixed by: https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 (v5.94.0)
 CVE-2024-43783 (The Apollo Router Core is a configurable, high-performance graph route ...)
 	TODO: check
 CVE-2024-43414 (Apollo Federation is an architecture for declaratively composing APIs  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6648193bea442e54ad73fa8c17f3ab3691148e67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6648193bea442e54ad73fa8c17f3ab3691148e67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240828/0b20b133/attachment.htm>
